CVE-2024-58085

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-58085
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-58085.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-58085
Downstream
Related
Published
2025-03-06T17:15:21Z
Modified
2025-08-09T20:01:26Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

tomoyo: don't emit warning in tomoyowritecontrol()

syzbot is reporting too large allocation warning at tomoyowritecontrol(), for one can write a very very long line without new line character. To fix this warning, I use _GFPNOWARN rather than checking for KMALLOCMAXSIZE, for practically a valid line should be always shorter than 32KB where the "too small to fail" memory-allocation rule applies.

One might try to write a valid line that is longer than 32KB, but such request will likely fail with -ENOMEM. Therefore, I feel that separately returning -EINVAL when a line is longer than KMALLOCMAXSIZE is redundant. There is no need to distinguish over-32KB and over-KMALLOCMAXSIZE.

References

Affected packages