In the Linux kernel, the following vulnerability has been resolved:
s390/boot: Avoid possible physmem_info segment corruption
When physical memory for the kernel image is allocated it does not
consider extra memory required for offsetting the image start to
match it with the lower 20 bits of KASLR virtual base address. That
might lead to kernel access beyond its memory range.
Metrics
Affected Vendors & Products
References
History
Tue, 05 Nov 2024 02:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-125 |
Sun, 29 Sep 2024 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Fri, 13 Sep 2024 17:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Linux
Linux linux Kernel |
|
Weaknesses | CWE-770 | |
CPEs | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:* |
|
Vendors & Products |
Linux
Linux linux Kernel |
Wed, 11 Sep 2024 21:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
threat_severity
|
cvssV3_1
|
Wed, 11 Sep 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | In the Linux kernel, the following vulnerability has been resolved: s390/boot: Avoid possible physmem_info segment corruption When physical memory for the kernel image is allocated it does not consider extra memory required for offsetting the image start to match it with the lower 20 bits of KASLR virtual base address. That might lead to kernel access beyond its memory range. | |
Title | s390/boot: Avoid possible physmem_info segment corruption | |
References |
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-09-11T15:13:50.838Z
Updated: 2024-12-19T09:20:15.397Z
Reserved: 2024-08-21T05:34:56.681Z
Link: CVE-2024-45014
Vulnrichment
Updated: 2024-09-29T15:49:55.515Z
NVD
Status : Analyzed
Published: 2024-09-11T16:15:06.710
Modified: 2024-09-13T16:35:50.620
Link: CVE-2024-45014
Redhat