CVE-2024-53137
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
ARM: fix cacheflush with PAN
It seems that the cacheflush syscall got broken when PAN for LPAE was implemented. User access was not enabled around the cache maintenance instructions, causing them to fault.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 7af5b901e84743c608aae90cb0e429702812c324 < e6960a2ed49c9a25357817535f7cc50594a58604 | affected |
| Linux | Linux | 7af5b901e84743c608aae90cb0e429702812c324 < ca29cfcc4a21083d671522ad384532e28a43f033 | affected |
| Linux | Linux | 6.10 | affected |
| Linux | Linux | 0 < 6.10 | unaffected |
| Linux | Linux | 6.11.10 <= 6.11.* | unaffected |
| Linux | Linux | 6.12 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/e6960a2ed49c9a25357817535f7cc50594a58604
- https://git.kernel.org/stable/c/ca29cfcc4a21083d671522ad384532e28a43f033
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.