CVE-2024-53107

Published: Dec 2, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: fs/proc/task_mmu: prevent integer overflow in pagemap_scan_get_args() The "arg->vec_len" variable is a u64 that comes from the user at the start of the function. The "arg->vec_len * sizeof(struct page_region))" multiplication can lead to integer wrapping. Use size_mul() to avoid that. Also the size_add/mul() functions work on unsigned long so for 32bit systems we need to ensure that "arg->vec_len" fits in an unsigned long.

Vendor	Product	Versions
Linux	Linux	affected `52526ca7fdb905a768a93f8faa418e9b988fc34b - < adee03f8903c58a6a559f21388a430211fac8ce9` affected `52526ca7fdb905a768a93f8faa418e9b988fc34b - < 669b0cb81e4e4e78cff77a5b367c7f70c0c6c05e`
Linux	Linux	affected `6.7` unaffected `0 - < 6.7` unaffected `6.11.10 - <= 6.11.` unaffected `6.12 - <= `

References

https://git.kernel.org/stable/c/adee03f8903c58a6a559f21388a430211fac8ce9

https://git.kernel.org/stable/c/669b0cb81e4e4e78cff77a5b367c7f70c0c6c05e

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-53107

Description

Affected Products

References