CVE-2024-42258

MEDIUM EPSS 11.5%
Published Aug 12, 20241y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Aug 12, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: mm: huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines Yves-Alexis Perez reported commit 4ef9ad19e176 ("mm: huge_memory: don't force huge page alignment on 32 bit") didn't work for x86_32 [1]. It is because x86_32 uses CONFIG_X86_32 instead of CONFIG_32BIT. !CONFIG_64BIT should cover all 32 bit machines. [1] https://lore.kernel.org/linux-mm/CAHbLzkr1LwH3pcTgM+aGQ31ip2bKqiqEQ8=FQB+t2c3dhNKNHA@mail.gmail.com/

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
11.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-770

Affected Products 1

VendorProductVersionRange
linuxlinux_kernel*≥6.8  –  <6.10.3

References 5

  • git.kernel.org https://git.kernel.org/stable/c/7e1f4efb8d6140b2ec79bf760c43e1fc186e8dfc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/89f2914dd4b47d2fad3deef0d700f9526d98d11f
  • git.kernel.org https://git.kernel.org/stable/c/a5c399fe433a115e9d3693169b5f357f3194af0a
  • git.kernel.org https://git.kernel.org/stable/c/d9592025000b3cf26c742f3505da7b83aedc26d5
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/7e1f4efb8d6140b2ec79bf760c43e1fc186e8dfc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d9592025000b3cf26c742f3505da7b83aedc26d5
    Patch