CVE-2024-44965
MEDIUM EPSS 12.8%
Published Sep 4, 2024 · Modified Jun 17, 2026
5.5 CVSS 3.1
Description
In the Linux kernel, the following vulnerability has been resolved:

x86/mm: Fix pti_clone_pgtable() alignment assumption

Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had the form of endless traps until entry stack exhaust and then #DF from the stack guard.

It turned out that pti_clone_pgtable() had alignment assumptions on the start address, notably it hard assumes start is PMD aligned. This is true on x86_64, but very much not true on i386.

These assumptions can cause the end condition to malfunction, leading to a 'short' clone. Guess what happens when the user mapping has a short copy of the entry text?

Use the correct increment form for addr to avoid alignment assumptions.
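The 'short' clone described above, as an added user-space model (not kernel code and not part of the original advisory): it compares a fixed-stride walk with one that steps to the next PMD boundary and records which PMD slots each visits. The 2 MiB `PMD_SIZE`, the sample addresses and all function names are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed for illustration: 2 MiB PMD granularity. */
#define PMD_SIZE 0x200000ULL
#define PMD_MASK (~(PMD_SIZE - 1))

/* Each walk returns a bitmap: bit n set = PMD slot n (n * PMD_SIZE) visited. */

/* Fixed stride: only lands in every slot if start is PMD aligned. */
static uint64_t walk_fixed_stride(uint64_t start, uint64_t end)
{
    uint64_t seen = 0;
    for (uint64_t addr = start; addr < end; addr += PMD_SIZE)
        seen |= 1ULL << (addr / PMD_SIZE);
    return seen;
}

/* Alignment-free step: advance to the next PMD boundary above addr. */
static uint64_t walk_next_boundary(uint64_t start, uint64_t end)
{
    uint64_t seen = 0;
    for (uint64_t addr = start; addr < end; addr = (addr + PMD_SIZE) & PMD_MASK)
        seen |= 1ULL << (addr / PMD_SIZE);
    return seen;
}

/* Slots that overlap [start, end) and therefore must be visited. */
static uint64_t slots_required(uint64_t start, uint64_t end)
{
    uint64_t need = 0;
    for (uint64_t n = start / PMD_SIZE; n <= (end - 1) / PMD_SIZE; n++)
        need |= 1ULL << n;
    return need;
}

int main(void)
{
    /* Constructed range: start is page aligned but not PMD aligned. */
    uint64_t start = 0x301000, end = 0x801000;
    uint64_t need = slots_required(start, end);
    uint64_t fixed = walk_fixed_stride(start, end);
    uint64_t next = walk_next_boundary(start, end);

    printf("required      %#llx\n", (unsigned long long)need);
    printf("fixed stride  %#llx (missing %#llx)\n",
           (unsigned long long)fixed, (unsigned long long)(need & ~fixed));
    printf("next boundary %#llx (missing %#llx)\n",
           (unsigned long long)next, (unsigned long long)(need & ~next));
    return 0;
}
```

On the constructed range the fixed stride overshoots `end` before reaching the last slot, so the final PMD is never visited; with a PMD-aligned start both walks cover the same slots.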
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
12.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 8
References 10
- git.kernel.org https://git.kernel.org/stable/c/18da1b27ce16a14a9b636af9232acb4fb24f4c9e
- git.kernel.org https://git.kernel.org/stable/c/25a727233a40a9b33370eec9f0cad67d8fd312f8
- git.kernel.org https://git.kernel.org/stable/c/41e71dbb0e0a0fe214545fe64af031303a08524c
- git.kernel.org https://git.kernel.org/stable/c/4d143ae782009b43b4f366402e5c37f59d4e4346
- git.kernel.org https://git.kernel.org/stable/c/5c580c1050bcbc15c3e78090859d798dcf8c9763
- git.kernel.org https://git.kernel.org/stable/c/ca07aab70dd3b5e7fddb62d7a6ecd7a7d6d0b2ed
- git.kernel.org https://git.kernel.org/stable/c/d00c9b4bbc442d99e1dafbdfdab848bc1ead73f6
- git.kernel.org https://git.kernel.org/stable/c/df3eecb5496f87263d171b254ca6e2758ab3c35c
- lists.debian.org https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
- lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
Remediation
- git.kernel.org https://git.kernel.org/stable/c/18da1b27ce16a14a9b636af9232acb4fb24f4c9e
- git.kernel.org https://git.kernel.org/stable/c/25a727233a40a9b33370eec9f0cad67d8fd312f8
- git.kernel.org https://git.kernel.org/stable/c/41e71dbb0e0a0fe214545fe64af031303a08524c
- git.kernel.org https://git.kernel.org/stable/c/4d143ae782009b43b4f366402e5c37f59d4e4346
- git.kernel.org https://git.kernel.org/stable/c/5c580c1050bcbc15c3e78090859d798dcf8c9763
- git.kernel.org https://git.kernel.org/stable/c/ca07aab70dd3b5e7fddb62d7a6ecd7a7d6d0b2ed
- git.kernel.org https://git.kernel.org/stable/c/d00c9b4bbc442d99e1dafbdfdab848bc1ead73f6
- git.kernel.org https://git.kernel.org/stable/c/df3eecb5496f87263d171b254ca6e2758ab3c35c