CVE-2024-40944

Summary

In the Linux kernel, the following vulnerability has been resolved:

x86/kexec: Fix bug with call depth tracking

The call to cc_platform_has() triggers a fault and system crash if call depth tracking is active because the GS segment has been reset by load_segments() and GS_BASE is now 0 but call depth tracking uses per-CPU variables to operate.

Call cc_platform_has() earlier in the function when GS is still valid.

[ bp: Massage. ]

Affected Software

VendorProductVersion RangeStatus
LinuxLinux5d8213864ade86b48fc492584ea86d65a62f892e < d91ddd05082691e69b30744825d18ae799293258affected
LinuxLinux5d8213864ade86b48fc492584ea86d65a62f892e < 2cfb464669b645a9b98478b74f2bcea9860dcff1affected
LinuxLinux5d8213864ade86b48fc492584ea86d65a62f892e < 93c1800b3799f17375989b0daf76497dd3e80922affected
LinuxLinux6.2affected
LinuxLinux0 < 6.2unaffected
LinuxLinux6.6.35 <= 6.6.*unaffected
LinuxLinux6.9.6 <= 6.9.*unaffected
LinuxLinux6.10 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References