CVE-2024-42258

mm: huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

mm: huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines

Yves-Alexis Perez reported commit 4ef9ad19e176 ("mm: huge_memory: don't
force huge page alignment on 32 bit") didn't work for x86_32 [1]. It is
because x86_32 uses CONFIG_X86_32 instead of CONFIG_32BIT.

!CONFIG_64BIT should cover all 32 bit machines.

[1] https://lore.kernel.org/linux-mm/CAHbLzkr1LwH3pcTgM+aGQ31ip2bKqiqEQ8=FQB+t2c3dhNKNHA@mail.gmail.com/

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-07-30 CVE Reserved
2024-08-12 CVE Published
2024-08-15 EPSS Updated
2024-09-15 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (7)

URL	Tag	Source
https://git.kernel.org/stable/c/87632bc9ecff5ded93433bc0fca428019bdd1cfe	Vuln. Introduced
https://git.kernel.org/stable/c/4ef9ad19e17676b9ef071309bc62020e2373705d	Vuln. Introduced
https://git.kernel.org/stable/c/7432376c913381c5f24d373a87ff629bbde94b47	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/89f2914dd4b47d2fad3deef0d700f9526d98d11f	2024-08-14
https://git.kernel.org/stable/c/7e1f4efb8d6140b2ec79bf760c43e1fc186e8dfc	2024-08-03
https://git.kernel.org/stable/c/d9592025000b3cf26c742f3505da7b83aedc26d5	2024-07-26
https://git.kernel.org/stable/c/a5c399fe433a115e9d3693169b5f357f3194af0a	2024-08-14

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.1.81 < 6.1.105 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.1.81 < 6.1.105"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.8 < 6.10.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.8 < 6.10.3"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.8 < 6.11 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.8 < 6.11"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				6.7.6 Search vendor "Linux" for product "Linux Kernel" and version "6.7.6"		en		Affected