CVE-2024-43832

MEDIUM EPSS 13.1%
Published Aug 17, 20241y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Aug 17, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: s390/uv: Don't call folio_wait_writeback() without a folio reference folio_wait_writeback() requires that no spinlocks are held and that a folio reference is held, as documented. After we dropped the PTL, the folio could get freed concurrently. So grab a temporary reference.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
13.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 3

VendorProductVersionRange
linuxlinux_kernel*≥5.7  –  <6.1.103
linuxlinux_kernel*≥6.2  –  <6.6.44
linuxlinux_kernel*≥6.7  –  <6.10.3

References 5

  • git.kernel.org https://git.kernel.org/stable/c/1a1eb2f3fc453dcd52726d13e863938561489cb7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3f29f6537f54d74e64bac0a390fb2e26da25800d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8736604ef53359a718c246087cd21dcec232d2fb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b21aba72aadd94bdac275deab021fc84d6c72b16
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/1a1eb2f3fc453dcd52726d13e863938561489cb7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3f29f6537f54d74e64bac0a390fb2e26da25800d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8736604ef53359a718c246087cd21dcec232d2fb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b21aba72aadd94bdac275deab021fc84d6c72b16
    Patch