In the Linux kernel, the following vulnerability has been resolved: x86, relocs: Ignore relocations in .notes section When building with CONFIG_XEN_PV=y, .text symbols are emitted into the .notes section so that Xen can find the "startup_xen" entry point. This information is used prior to booting the kernel, so relocations are not useful. In fact, performing relocations against the .notes section means that the KASLR base is exposed since /sys/kernel/notes is world-readable. To avoid leaking the KASLR base without breaking unprivileged tools that are expecting to read /sys/kernel/notes, skip performing relocations in the .notes section. The values readable in .notes are then identical to those found in System.map.
History

Thu, 19 Dec 2024 09:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-04-10T13:53:49.492Z

Updated: 2024-12-19T08:48:02.350Z

Reserved: 2024-02-19T14:20:24.180Z

Link: CVE-2024-26816

cve-icon Vulnrichment

Updated: 2024-08-02T00:14:13.600Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-04-10T14:15:07.490

Modified: 2024-11-21T09:03:08.437

Link: CVE-2024-26816

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-04-10T00:00:00Z

Links: CVE-2024-26816 - Bugzilla