NVD description: In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the drm_gem_shmem_get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer). Upstream commit: https://github.com/torvalds/linux/commit/c24968734abfed81c8f93dc5f44a7b7a9aecadfa
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2182430]
Note that the above commit missed to zero out shmem->pages, fixed via this commit: https://github.com/torvalds/linux/commit/64b88afbd92fbf434759d1896a7cf705e1c00e79
This is fixed for Fedora with the 5.18.18 stable kernel updates.
This issue was fixed upstream in kernel version 6.0-rc1. The kernel packages as shipped in following Red Hat products were previously updated to a version that contains the fix via the following errata: kernel in Red Hat Enterprise Linux 8 https://access.redhat.com/errata/RHSA-2023:2951 kernel-rt in Red Hat Enterprise Linux 8 https://access.redhat.com/errata/RHSA-2023:2736 kernel in Red Hat Enterprise Linux 9 https://access.redhat.com/errata/RHSA-2023:2458 kernel-rt in Red Hat Enterprise Linux 9 https://access.redhat.com/errata/RHSA-2023:2148