CVE-2024-53109

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Dec 2, 2024
Updated: Dec 11, 2024

Summary

CVE-2024-53109 is a recently identified vulnerability affecting the Linux kernel. Specifically, in the nommu component, deleting a vma entry from a maple tree led to passing a NULL argument to vma_iter_prealloc(). This error caused vma iterators to crash during functions like acct_collect(), which attempted to read the size of vma entries after do_munmap(). The issue has been resolved by ensuring the correct argument is passed to vma_iter_prealloc() during the deletion process.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share