Early Access — Mondoo Vulnerability Intelligence is currently in preview.
In the Linux kernel, the following vulnerability has been resolved:
xen/privcmd: Fix a possible warning in privcmd_ioctl_mmap_resource()
As 'kdata.num' is user-controlled data, if user tries to allocate memory larger than(>=) MAX_ORDER, then kcalloc() will fail, it creates a stack trace and messes up dmesg with a warning.
Call trace: -> privcmd_ioctl --> privcmd_ioctl_mmap_resource
Add __GFP_NOWARN in order to avoid too large allocation warning. This is detected by static analysis using smatch.