Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A vulnerability has been identified in the Linux kernel's DAMON (Data Access Monitor) module: the function 'damon_migrate_pages()' does not properly validate target nodes before attempting to migrate pages. This oversight can lead to a kernel bug, because the migration process may try to access an invalid node, causing a page fault error. The issue arises when users inadvertently send migration requests to invalid nodes using the DAMOS_MIGRATE_HOT or DAMOS_MIGRATE_COLD actions.
Exploitation of this vulnerability triggers a kernel bug in which the system is unable to handle a page fault caused by a supervisor read access in kernel mode. The result is a crash or instability in the kernel.
To reproduce this vulnerability, send a migration request to an invalid node using the DAMOS_MIGRATE_HOT or DAMOS_MIGRATE_COLD action. The 'damon_migrate_pages()' function will attempt to process the request without proper validation, leading to a page fault error. This can be observed in the kernel logs, where the 'BUG: unable to handle page fault' message indicates the occurrence of the error.
The vulnerability has been addressed in the Linux kernel. Users should upgrade to the latest version where this issue has been fixed.
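For systems that cannot be upgraded immediately, a pre-flight check on the operator side can reject a bad node id before it is ever handed to a DAMOS_MIGRATE_HOT or DAMOS_MIGRATE_COLD scheme. The script below is an added example, not code from the kernel or from this advisory; the function names are hypothetical, and it assumes that a valid target is a node listed in `/sys/devices/system/node/has_memory`.

```shell
#!/bin/sh
# Added example (not kernel code): validate a NUMA node id before using it
# as a DAMOS migration target. Function names are hypothetical.

# nid_in_list NID LIST
# LIST is in the kernel's node-list format, e.g. "0-1,3".
# Returns 0 if NID is a member of LIST, 1 otherwise.
nid_in_list() {
    nid=$1
    list=$2
    # Accept only a plain non-negative decimal integer (rejects "", "-1", "1a").
    case $nid in
        ''|*[!0-9]*) return 1 ;;
    esac
    old_ifs=$IFS
    IFS=,
    for range in $list; do
        IFS=$old_ifs
        lo=${range%-*}      # "0-1" -> 0, "3" -> 3
        hi=${range#*-}      # "0-1" -> 1, "3" -> 3
        # Skip malformed list entries instead of comparing against them.
        case $lo$hi in
            ''|*[!0-9]*) continue ;;
        esac
        if [ "$nid" -ge "$lo" ] && [ "$nid" -le "$hi" ]; then
            return 0
        fi
    done
    IFS=$old_ifs
    return 1
}

# valid_target_nid NID [FILE]
# Checks NID against the nodes that have memory (assumption: these are the
# only acceptable migration targets). Returns 2 if FILE cannot be read.
valid_target_nid() {
    file=${2:-/sys/devices/system/node/has_memory}
    [ -r "$file" ] || return 2
    nid_in_list "$1" "$(cat "$file")"
}

# Constructed sample: a machine whose nodes 0, 1 and 3 have memory.
nid_in_list 2 "0-1,3" || echo "node 2 rejected: not in 0-1,3"
```

Call `valid_target_nid` from whatever tooling writes DAMON scheme parameters and refuse to apply the scheme on a non-zero return.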