Linux Kernel VM_PAT Handling Vulnerability in Fork Process

A vulnerability in the Linux kernel's handling of the VM_PAT flag during the fork process has been identified. This issue arises when the track_pfn_copy() function fails, leaving the destination Virtual Memory Area (VMA) in an inconsistent state. The VM_PAT flag may be incorrectly cleared or left untracked, leading to potential errors when the untrack_pfn() function is called. The vulnerability can be reproduced by using a specific C program that triggers the issue under certain conditions.

Impact

The vulnerability can cause a warning in the kernel related to the PAT information retrieval, indicating a problem with the VMA management during the fork process.

Reproduction

The vulnerability can be reproduced by compiling and running a C program that attempts to fork a process while the track_pfn_copy() function fails. This can be done using a QEMU virtual machine with a Fedora 40 environment.