CVE-2024-44969
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
s390/sclp: Prevent release of buffer in I/O
When a task waiting for completion of a Store Data operation is interrupted, an attempt is made to halt this operation. If this attempt fails due to a hardware or firmware problem, there is a chance that the SCLP facility might store data into buffers referenced by the original operation at a later time.
Handle this situation by not releasing the referenced data buffers if the halt attempt fails. For current use cases, this might result in a leak of few pages of memory in case of a rare hardware/firmware malfunction.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 66aec647216f129b8560dba738303a8486481c53 < 7a7e60ed23d471a07dbbe72565d2992ee8244bbe | affected |
| Linux | Linux | 66aec647216f129b8560dba738303a8486481c53 < 1ec5ea9e25f582fd6999393e2f2c3bf56f234e05 | affected |
| Linux | Linux | 66aec647216f129b8560dba738303a8486481c53 < a3e52a4c22c846858a6875e1c280030a3849e148 | affected |
| Linux | Linux | 66aec647216f129b8560dba738303a8486481c53 < a88a49473c94ccfd8dce1e766aacf3c627278463 | affected |
| Linux | Linux | 66aec647216f129b8560dba738303a8486481c53 < 46f67233b011385d53cf14d272431755de3a7c79 | affected |
| Linux | Linux | 66aec647216f129b8560dba738303a8486481c53 < 1e8b7fb427af6b2ddd54eff66a6b428a81c96633 | affected |
| Linux | Linux | 66aec647216f129b8560dba738303a8486481c53 < 2429ea3b4330e3653b72b210a0d5f2a717359506 | affected |
| Linux | Linux | 66aec647216f129b8560dba738303a8486481c53 < bf365071ea92b9579d5a272679b74052a5643e35 | affected |
| Linux | Linux | 4.17 | affected |
| Linux | Linux | 0 < 4.17 | unaffected |
| Linux | Linux | 4.19.320 <= 4.19.* | unaffected |
| Linux | Linux | 5.4.282 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.224 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.165 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.105 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.46 <= 6.6.* | unaffected |
| Linux | Linux | 6.10.5 <= 6.10.* | unaffected |
| Linux | Linux | 6.11 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
References
- https://git.kernel.org/stable/c/7a7e60ed23d471a07dbbe72565d2992ee8244bbe
- https://git.kernel.org/stable/c/1ec5ea9e25f582fd6999393e2f2c3bf56f234e05
- https://git.kernel.org/stable/c/a3e52a4c22c846858a6875e1c280030a3849e148
- https://git.kernel.org/stable/c/a88a49473c94ccfd8dce1e766aacf3c627278463
- https://git.kernel.org/stable/c/46f67233b011385d53cf14d272431755de3a7c79
- https://git.kernel.org/stable/c/1e8b7fb427af6b2ddd54eff66a6b428a81c96633
- https://git.kernel.org/stable/c/2429ea3b4330e3653b72b210a0d5f2a717359506
- https://git.kernel.org/stable/c/bf365071ea92b9579d5a272679b74052a5643e35
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.