CVE-2024-39477: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-39477 affects the Linux kernel's memory management subsystem, specifically in the hugetlb component. The vulnerability was discovered when sysbot reported a splat on _unmaphugepagerange() function. The issue stems from vmaneedsreservation() returning -ENOMEM when allocatefileregionentries() fails to allocate the file_region struct for the reservation. This vulnerability affects Linux kernel versions from 6.9 up to (excluding) 6.9.5, and release candidates 6.10.0-rc1 and 6.10.0-rc2 (NVD).

The vulnerability occurs in the mm/hugetlb.c file where vmaneedsreservation() can return -ENOMEM if allocatefileregionentries() fails. If vmaaddreservation() is called in this case, regionabort() and regiondel() will encounter issues as there are no fileregions available. The CVSS v3.1 base score is 5.5 (Medium) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H. The vulnerability is classified as CWE-770: Allocation of Resources Without Limits or Throttling (NVD).

The vulnerability affects system stability and resource management. When triggered, it can cause system crashes due to improper handling of memory reservations in the hugetlb subsystem. The impact is primarily on availability, with no direct effect on confidentiality or integrity of the system (NVD).

A patch has been developed that checks for the -ENOMEM return value from vmaneedsreservation() and handles it appropriately. When -ENOMEM is detected, the patch clears the hugetlbrestorereserve flag to prevent the global reserve count from being incremented by freehugefolio(). The fix is available in kernel version 6.9.5 and later (Kernel Patch).