CVE-2024-42251
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Summary
CVE-2024-42251: A kernel vulnerability affecting Linux systems, specifically in the mm: page\_ref subsystem, has been addressed. The issue was identified in a non-SMP kernel and resulted in an "invalid opcode" error during a kernel dump. The root cause was reported as a bug in the try\_get\_folio function of the mm/gup.c file. The vulnerability allowed for an unauthorized process (PID: 4335) to access protected memory, potentially leading to system instability or crashes. The vulnerability was traced back to a call chain involving several Linux kernel functions, including try\_get\_folio, do\_error\_trap, and exc\_invalid\_op. The issue has been resolved in the Linux kernel.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Linux Kernel
Affected Vendors
- LINUX