CVE-2024-26795

2024-04-0409:15:08

Linux

web.nvd.nist.gov

linux kernel

vmemmap

out-of-bounds

fix

sv39/48/57

addresses

physical memory

AI Score

6.1

Confidence

Low

EPSS

Percentile

10.3%

JSON

In the Linux kernel, the following vulnerability has been resolved:

riscv: Sparse-Memory/vmemmap out-of-bounds fix

Offset vmemmap so that the first page of vmemmap will be mapped
to the first page of physical memory in order to ensure that
vmemmap’s bounds will be respected during
pfn_to_page()/page_to_pfn() operations.
The conversion macros will produce correct SV39/48/57 addresses
for every possible/valid DRAM_BASE inside the physical memory limits.

v2:Address Alex’s comments

Affected configurations

Vulners

Node

linuxlinux_kernelRange5.4–5.10.212

linuxlinux_kernelRange5.11.0–5.15.151

linuxlinux_kernelRange5.16.0–6.1.81

linuxlinux_kernelRange6.2.0–6.6.21

linuxlinux_kernelRange6.7.0–6.7.9

linuxlinux_kernelRange6.8.0≥

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "arch/riscv/include/asm/pgtable.h"
    ],
    "versions": [
      {
        "version": "d95f1a542c3d",
        "lessThan": "8af1c121b010",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "d95f1a542c3d",
        "lessThan": "5941a90c55d3",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "d95f1a542c3d",
        "lessThan": "8310080799b4",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "d95f1a542c3d",
        "lessThan": "a278d5c60f21",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "d95f1a542c3d",
        "lessThan": "2a1728c15ec4",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "d95f1a542c3d",
        "lessThan": "a11dd49dcb93",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "arch/riscv/include/asm/pgtable.h"
    ],
    "versions": [
      {
        "version": "5.4",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "5.4",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.10.212",
        "lessThanOrEqual": "5.10.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.15.151",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.1.81",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.6.21",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.7.9",
        "lessThanOrEqual": "6.7.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.8",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]