CVE-2024-53066

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 19/11/2024
Last modified: 03/11/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

nfs: Fix KMSAN warning in decode_getfattr_attrs()

Fix the following KMSAN warning:

CPU: 1 UID: 0 PID: 7651 Comm: cp Tainted: G B
Tainted: [B]=BAD_PAGE
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009)
=====================================================
=====================================================
BUG: KMSAN: uninit-value in decode_getfattr_attrs+0x2d6d/0x2f90
decode_getfattr_attrs+0x2d6d/0x2f90
decode_getfattr_generic+0x806/0xb00
nfs4_xdr_dec_getattr+0x1de/0x240
rpcauth_unwrap_resp_decode+0xab/0x100
rpcauth_unwrap_resp+0x95/0xc0
call_decode+0x4ff/0xb50
__rpc_execute+0x57b/0x19d0
rpc_execute+0x368/0x5e0
rpc_run_task+0xcfe/0xee0
nfs4_proc_getattr+0x5b5/0x990
__nfs_revalidate_inode+0x477/0xd00
nfs_access_get_cached+0x1021/0x1cc0
nfs_do_access+0x9f/0xae0
nfs_permission+0x1e4/0x8c0
inode_permission+0x356/0x6c0
link_path_walk+0x958/0x1330
path_lookupat+0xce/0x6b0
filename_lookup+0x23e/0x770
vfs_statx+0xe7/0x970
vfs_fstatat+0x1f2/0x2c0
__se_sys_newfstatat+0x67/0x880
__x64_sys_newfstatat+0xbd/0x120
x64_sys_call+0x1826/0x3cf0
do_syscall_64+0xd0/0x1b0
entry_SYSCALL_64_after_hwframe+0x77/0x7f

The KMSAN warning is triggered in decode_getfattr_attrs(), when calling
decode_attr_mdsthreshold(). It appears that fattr->mdsthreshold is not
initialized.

Fix the issue by initializing fattr->mdsthreshold to NULL in
nfs_fattr_init().
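
An added example, not part of the advisory or the kernel source: a simplified C model of the bug class described above, where an init routine leaves one pointer field unwritten, plus a poison-then-init check that catches such a field in a unit test. The struct layout, the function names and the poison byte are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define POISON 0xAA /* byte pattern marking never-written memory */
/* Simplified stand-ins for illustration; not the kernel's definitions. */
struct threshold_model { unsigned int bm; };
struct fattr_model {
    unsigned int valid;
    char *owner_name;
    struct threshold_model *mdsthreshold;
};
typedef void (*init_fn)(struct fattr_model *);

/* Models the pre-fix state: the pointer field is never written. */
static void init_before_fix(struct fattr_model *f)
{
    f->valid = 0;
    f->owner_name = NULL;
}

/* Models the fix described above: the pointer is set to NULL as well. */
static void init_after_fix(struct fattr_model *f)
{
    init_before_fix(f);
    f->mdsthreshold = NULL;
}

/* Fill the object with POISON, run init, then return 1 if every byte of
 * the field at [off, off + len) still holds POISON (init never wrote it). */
static int field_untouched(init_fn init, size_t off, size_t len)
{
    struct fattr_model f;
    const unsigned char *p = (const unsigned char *)&f;
    memset(&f, POISON, sizeof f);
    init(&f);
    for (size_t i = 0; i < len; i++)
        if (p[off + i] != POISON)
            return 0;
    return 1;
}

int main(void)
{
    size_t off = offsetof(struct fattr_model, mdsthreshold);
    size_t len = sizeof(struct threshold_model *);
    printf("before fix: untouched=%d\n", field_untouched(init_before_fix, off, len));
    printf("after fix:  untouched=%d\n", field_untouched(init_after_fix, off, len));
    return 0;
}
```

The check inspects a single field by offset rather than the whole object, so compiler-inserted padding bytes do not produce false positives.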

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 3.5 (including) 4.19.324 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 4.20 (including) 5.4.286 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.5 (including) 5.10.230 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.11 (including) 5.15.172 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.16 (including) 6.1.117 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.2 (including) 6.6.61 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.7 (including) 6.11.8 (excluding)
cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc6:*:*:*:*:*:*