CVE-2024-40944
- Source
- https://cve.org/CVERecord?id=CVE-2024-40944
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-40944.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-40944
- Downstream
- Related
- Published
- 2024-07-12T12:25:18.490Z
- Modified
- 2026-03-14T12:35:03.224126Z
- Summary
- x86/kexec: Fix bug with call depth tracking
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
x86/kexec: Fix bug with call depth tracking
The call to ccplatformhas() triggers a fault and system crash if call depth tracking is active because the GS segment has been reset by loadsegments() and GSBASE is now 0 but call depth tracking uses per-CPU variables to operate.
Call ccplatformhas() earlier in the function when GS is still valid.
[ bp: Massage. ]
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/40xxx/CVE-2024-40944.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/2cfb464669b645a9b98478b74f2bcea9860dcff1
- https://git.kernel.org/stable/c/93c1800b3799f17375989b0daf76497dd3e80922
- https://git.kernel.org/stable/c/d91ddd05082691e69b30744825d18ae799293258
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/40xxx/CVE-2024-40944.json
- https://nvd.nist.gov/vuln/detail/CVE-2024-40944