CVE-2024-26705

Summary

In the Linux kernel, the following vulnerability has been resolved:

parisc: BTLB: Fix crash when setting up BTLB at CPU bringup

When using hotplug and bringing up a 32-bit CPU, ask the firmware about the BTLB information to set up the static (block) TLB entries.

For that write access to the static btlb_info struct is needed, but since it is marked __ro_after_init the kernel segfaults with missing write permissions.

Fix the crash by dropping the __ro_after_init annotation.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxe5ef93d02d6c9cc3a14e7348481c9e41a528caa1 < 54944f45470af5965fb9c28cf962ec30f38a8f5baffected
LinuxLinuxe5ef93d02d6c9cc3a14e7348481c9e41a528caa1 < aa52be55276614d33f22fbe7da36c40d6432d10baffected
LinuxLinuxe5ef93d02d6c9cc3a14e7348481c9e41a528caa1 < 913b9d443a0180cf0de3548f1ab3149378998486affected
LinuxLinux6.6affected
LinuxLinux0 < 6.6unaffected
LinuxLinux6.6.18 <= 6.6.*unaffected
LinuxLinux6.7.6 <= 6.7.*unaffected
LinuxLinux6.8 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References