CVE-2024-53065
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Published Nov 19, 2024
Updated: Nov 25, 2024
Summary
CVE-2024-53065 is a vulnerability in the Linux kernel caused by duplicate kmem_cache creation. The issue stemmed from a commit that reduced the minimum alignment for KMALLOC_MINALIGN from 8 to 4 on arm64 architectures with KASAN_HW_TAGS enabled, causing kmalloc_caches[*][8] and kmalloc_caches[*][16] to be aliased. As a result, kmem_buckets_create() attempted to create a kmem_cache for size 16 twice, which produced warnings on boot. These warnings, in turn, caused system instability and potential security vulnerabilities.
Affected Products
- Linux Kernel
Affected Vendors
- LINUX