Memory Allocation Issue in Linux Kernel's TOMOYO Control Mechanism

CVE-2024-58085

Summary

A memory allocation issue has been identified in the TOMOYO control mechanism of the Linux kernel, where excessively long lines can trigger warnings for overly large memory requests. By switching to the __GFP_NOWARN flag, the need to check for KMALLOC_MAX_SIZE was eliminated, as valid lines typically do not exceed 32KB. While attempts to allocate memory for lines over this limit may lead to failures with -ENOMEM, returning a separate -EINVAL for lines longer than KMALLOC_MAX_SIZE has been deemed unnecessary.

References