A out-of-bounds (OOB) memory access flaw was found in ttm_put_pages in drivers/gpu/drm/ttm/ttm_page_alloc.c in Linux kernel graphics module. Here incrementing the page pointer for huge pages was not in sync with the reference counter, and this could lead to an out-of-bound memory problem or a DoS. A local attacker with special user privilege (or root) can plot an exploit in the memory to harm. References: https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19927 Upstream patch: https://github.com/torvalds/linux/commit/453393369dc9806d2455151e329c599684762428 https://github.com/torvalds/linux/commit/a66477b0efe511d98dde3e4aaeb189790e6f0a39 https://github.com/torvalds/linux/commit/ac1e516d5a4c56bf0cb4a3dfc0672f689131cfd4
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1790045]
This was fixed for Fedora with the 5.1 kernel rebases.
Mitigation: Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.