CVE-2024-53079

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Nov 19, 2024
Updated: Nov 27, 2024
CWE ID 667

Summary

CVE-2024-53079: A vulnerability in the Linux kernel's Transparent Hugepages (THP) has been addressed. This issue stemmed from races and list corruptions in the THP deferred split queues, which were caused by recent changes in mTHP, mTHP swapout, and mTHP swapin, among others. The vulnerability allowed for potential memory corruption and other issues. To mitigate this, the Linux kernel team renamed and updated functions related to deferred splits, added checks and warnings, and fixed issues with memcg_data and memcg_move_account(). Backports to earlier versions of the kernel are possible but require careful consideration.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share