CVE-2024-56673
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Summary
CVE-2024-56673: A vulnerability was discovered in the Linux kernel's riscv architecture, affecting vmemmap page tables. The issue arises from the unconventional method used to allocate pmd (page middle directory) hugetables, which does not involve the generic mechanism or the RISC-V specific functions. As a result, the pmd constructor is not called, and the cleanup code unconditionally calls the pmd destructor during vmemmap page table teardown, leading to a crash. This vulnerability was identified during the HMM selftests and can cause a kernel panic. To mitigate this issue, a check should be added to avoid calling the pmd destructor when the calling context is vmemmap_free().
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Linux Kernel
Affected Vendors
- LINUX