Linux kernel
cpe:2.3:o:kernel:linux_kernel:*:*:*:*:*:*:*
A memory allocation vulnerability has been identified in the Linux kernel's vhost/vsock component, affecting versions that do not carry the patch. When large files are transferred over SFTP via vSockets, packet buffers are allocated with kmalloc, which can fail to allocate the necessary 32KB regions. The failure surfaces as a page allocation error and can disrupt data transmission. The fix changes packet allocation to use kvmalloc, which is better suited to larger sizes because it can fall back to virtually contiguous memory when a physically contiguous allocation is not available.
The vulnerability can cause page allocation failures, disrupting data transmission over vSockets and potentially leading to denial-of-service conditions.
To reproduce this vulnerability, copy a large file over SFTP using vSockets. The data size typically reaches 32KB, which can trigger the allocation failure when kmalloc is unable to allocate the required memory. This results in a page allocation failure, causing disruptions in the file transfer process.
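To check whether a host has already hit this symptom, the kernel log can be scanned for page allocation failures whose call trace passes through vhost/vsock. The following is an added example, not code from the kernel project or the original page. It assumes 4 KiB pages and that the relevant trace frames carry the `vhost_vsock` symbol prefix, and the sample log is constructed for illustration.

```python
import re

PAGE_SIZE = 4096          # assumption: 4 KiB pages
MARKER = "vhost_vsock"    # assumption: symbol prefix seen in the call trace
# Kernel allocation-failure header: "<comm>: page allocation failure: order:N, ..."
HEADER = re.compile(r"(?P<comm>\S+): page allocation failure: order:(?P<order>\d+)")

# Constructed sample log (not captured from a real system).
SAMPLE_LOG = """\
[ 1201.114] vhost-5837: page allocation failure: order:4, mode:0x24040c0
[ 1201.115] Call Trace:
[ 1201.116]  dump_stack+0x97/0xdb
[ 1201.117]  __kmalloc+0x81/0x139
[ 1201.118]  vhost_vsock_handle_tx_kick+0x104/0x436
[ 1300.001] kworker/1:2: page allocation failure: order:0, mode:0x2080020
[ 1300.002] Call Trace:
[ 1300.003]  dump_stack+0x97/0xdb
[ 1300.004]  some_nic_alloc_rx_buffers+0x12/0x40
"""


def find_vsock_alloc_failures(log_text, min_bytes=32 * 1024):
    """Return allocation failures of at least min_bytes with a vhost/vsock frame."""
    findings, current = [], None
    for line in log_text.splitlines():
        m = HEADER.search(line)
        if m:
            order = int(m["order"])
            # An order-N request asks for 2**N physically contiguous pages.
            current = {"comm": m["comm"], "order": order,
                       "bytes": PAGE_SIZE << order, "vsock": False}
            findings.append(current)
        elif current is not None and MARKER in line:
            # Trace lines belong to the most recent failure header.
            current["vsock"] = True
    return [f for f in findings if f["vsock"] and f["bytes"] >= min_bytes]


if __name__ == "__main__":
    for hit in find_vsock_alloc_failures(SAMPLE_LOG):
        print(f"{hit['comm']}: order {hit['order']} "
              f"({hit['bytes'] // 1024} KiB contiguous) failed in vhost/vsock")
```

On a live system the input would come from `dmesg` or the journal instead of `SAMPLE_LOG`.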
Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.