CVE-2024-42241

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Aug 7, 2024
Updated: Aug 8, 2024
CWE ID 770

Summary

CVE-2024-42241 is a vulnerability affecting the Linux kernel where shmem files cannot support PMD-sized page cache due to size limitations. This issue arises when the base page size is smaller than the page cache size, leading to errors for xarray entries. To resolve this issue, the Linux kernel must disable PMD-sized page cache when HPAGE_PMD_ORDER is larger than MAX_PAGECACHE_ORDER. This vulnerability, first observed with a 512MB page cache on ARM64, can cause crashes with messages like "xas_split_alloc+0xf8/0x128." The kernel's call trace shows affected functions such as "truncate_inode_partial_folio" and "shmem_undo_range." Users can prevent this vulnerability by implementing the suggested patch to disable PMD-sized page cache when required.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share