CVE-2024-44965

MEDIUM EPSS 12.8%
Published Sep 4, 20241y ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Sep 4, 2024 1y ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix pti_clone_pgtable() alignment assumption Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had the form of endless traps until entry stack exhaust and then #DF from the stack guard. It turned out that pti_clone_pgtable() had alignment assumptions on the start address, notably it hard assumes start is PMD aligned. This is true on x86_64, but very much not true on i386. These assumptions can cause the end condition to malfunction, leading to a 'short' clone. Guess what happens when the user mapping has a short copy of the entry text? Use the correct increment form for addr to avoid alignment assumptions.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
12.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 8

VendorProductVersionRange
linuxlinux_kernel*≥4.19  –  <4.19.320
linuxlinux_kernel*≥4.20  –  <5.4.282
linuxlinux_kernel*≥5.5  –  <5.10.224
linuxlinux_kernel*≥5.11  –  <5.15.165
linuxlinux_kernel*≥5.16  –  <6.1.105
linuxlinux_kernel*≥6.2  –  <6.6.46
linuxlinux_kernel*≥6.7  –  <6.10.5
linuxlinux_kernel6.11any

References 10

  • git.kernel.org https://git.kernel.org/stable/c/18da1b27ce16a14a9b636af9232acb4fb24f4c9e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/25a727233a40a9b33370eec9f0cad67d8fd312f8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/41e71dbb0e0a0fe214545fe64af031303a08524c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4d143ae782009b43b4f366402e5c37f59d4e4346
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5c580c1050bcbc15c3e78090859d798dcf8c9763
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ca07aab70dd3b5e7fddb62d7a6ecd7a7d6d0b2ed
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d00c9b4bbc442d99e1dafbdfdab848bc1ead73f6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/df3eecb5496f87263d171b254ca6e2758ab3c35c
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/18da1b27ce16a14a9b636af9232acb4fb24f4c9e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/25a727233a40a9b33370eec9f0cad67d8fd312f8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/41e71dbb0e0a0fe214545fe64af031303a08524c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4d143ae782009b43b4f366402e5c37f59d4e4346
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5c580c1050bcbc15c3e78090859d798dcf8c9763
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ca07aab70dd3b5e7fddb62d7a6ecd7a7d6d0b2ed
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d00c9b4bbc442d99e1dafbdfdab848bc1ead73f6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/df3eecb5496f87263d171b254ca6e2758ab3c35c
    Patch