linux_kernel_cves icon indicating copy to clipboard operation
linux_kernel_cves copied to clipboard

Published 20 hours ago verified publisher icon nluedtke

[DATA] CVE-2021-39802 is Android specific

Open DerDakon opened this issue 2 years ago • 0 comments

Change Type Requested Remove/Update

CVE id number CVE-2021-39802

References https://source.android.com/security/bulletin/2022-04-01 https://android.googlesource.com/kernel/common/+/ac4488815518c

Additional context The above commit reverts a commit from the Android kernel after a discussion with Linus in which he said

As fat as I can tell, may_avoid_write_fault() doesn't even check if the vma is writable!

Am I misreading it? Because I think you just made even a shared mmap with "mprotect(PROT_READ)" turn the pte's writable.

Which sounds exactly like the bug described here. So the code never actually made it into the upstream kernel.

DerDakon avatar May 17 '22 06:05 DerDakon