CVE-2024-45014

Summary

In the Linux kernel, the following vulnerability has been resolved:

s390/boot: Avoid possible physmem_info segment corruption

When physical memory for the kernel image is allocated it does not consider extra memory required for offsetting the image start to match it with the lower 20 bits of KASLR virtual base address. That might lead to kernel access beyond its memory range.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux693d41f7c938f92d881e6a51525e6c132a186afd < a944cba5d57687b747023c3bc074fcf9c790f7dfaffected
LinuxLinux693d41f7c938f92d881e6a51525e6c132a186afd < d7fd2941ae9a67423d1c7bee985f240e4686634faffected
LinuxLinux6.10affected
LinuxLinux0 < 6.10unaffected
LinuxLinux6.10.7 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References