Linux mincore() Kernel Heap Page Disclosure

Linux mincore() discloses uninitialized kernel heap pages. When __walk_page_range() is used on a VM_HUGETLB VMA, callbacks from the mm_walk structure are only invoked for present pages. However, do_mincore() assumes that it will always get callbacks for all pages in the range passed to walk_page_range(), and when this assumption is violated, sys_mincore() copies uninitialized memory from the page allocator to userspace.
Source: Linux mincore() Kernel Heap Page Disclosure

The post Linux mincore() Kernel Heap Page Disclosure appeared first on MondoUnix.