CVE-2024-42258
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Summary
CVE-2024-42258 is a vulnerability affecting the Linux kernel on 32-bit machines. The issue lies in the relaxation of huge page alignment, which was intended to be implemented using the CONFIG_32BIT flag but instead used CONFIG_X86_32 [1]. Yves-Alexis Perez discovered that commit 4ef9ad19e176 did not resolve the problem due to this misconfiguration. However, the CONFIG_64BIT flag, which was expected to cover all 32-bit machines, was not effective in this case. This vulnerability could potentially lead to security risks and system instability on affected systems. The issue has been resolved in the latest Linux kernel updates.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Linux Kernel
Affected Vendors
- LINUX