CVE-2024-42251

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-42251
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-42251.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-42251
Related
Published
2024-08-08T09:15:08Z
Modified
2024-09-18T03:23:10.915443Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

mm: pageref: remove foliotrygetrcu()

The below bug was reported on a non-SMP kernel:

[ 275.267158][ T4335] ------------[ cut here ]------------ [ 275.267949][ T4335] kernel BUG at include/linux/pageref.h:275! [ 275.268526][ T4335] invalid opcode: 0000 [#1] KASAN PTI [ 275.269001][ T4335] CPU: 0 PID: 4335 Comm: trinity-c3 Not tainted 6.7.0-rc4-00061-gefa7df3e3bb5 #1 [ 275.269787][ T4335] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 275.270679][ T4335] RIP: 0010:trygetfolio (include/linux/pageref.h:275 (discriminator 3) mm/gup.c:79 (discriminator 3)) [ 275.272813][ T4335] RSP: 0018:ffffc90005dcf650 EFLAGS: 00010202 [ 275.273346][ T4335] RAX: 0000000000000246 RBX: ffffea00066e0000 RCX: 0000000000000000 [ 275.274032][ T4335] RDX: fffff94000cdc007 RSI: 0000000000000004 RDI: ffffea00066e0034 [ 275.274719][ T4335] RBP: ffffea00066e0000 R08: 0000000000000000 R09: fffff94000cdc006 [ 275.275404][ T4335] R10: ffffea00066e0037 R11: 0000000000000000 R12: 0000000000000136 [ 275.276106][ T4335] R13: ffffea00066e0034 R14: dffffc0000000000 R15: ffffea00066e0008 [ 275.276790][ T4335] FS: 00007fa2f9b61740(0000) GS:ffffffff89d0d000(0000) knlGS:0000000000000000 [ 275.277570][ T4335] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 275.278143][ T4335] CR2: 00007fa2f6c00000 CR3: 0000000134b04000 CR4: 00000000000406f0 [ 275.278833][ T4335] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 275.279521][ T4335] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 275.280201][ T4335] Call Trace: [ 275.280499][ T4335] <TASK> [ 275.280751][ T4335] ? die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434 arch/x86/kernel/dumpstack.c:447) [ 275.281087][ T4335] ? dotrap (arch/x86/kernel/traps.c:112 arch/x86/kernel/traps.c:153) [ 275.281463][ T4335] ? trygetfolio (include/linux/pageref.h:275 (discriminator 3) mm/gup.c:79 (discriminator 3)) [ 275.281884][ T4335] ? trygetfolio (include/linux/pageref.h:275 (discriminator 3) mm/gup.c:79 (discriminator 3)) [ 275.282300][ T4335] ? doerrortrap (arch/x86/kernel/traps.c:174) [ 275.282711][ T4335] ? trygetfolio (include/linux/pageref.h:275 (discriminator 3) mm/gup.c:79 (discriminator 3)) [ 275.283129][ T4335] ? handleinvalidop (arch/x86/kernel/traps.c:212) [ 275.283561][ T4335] ? trygetfolio (include/linux/pageref.h:275 (discriminator 3) mm/gup.c:79 (discriminator 3)) [ 275.283990][ T4335] ? excinvalidop (arch/x86/kernel/traps.c:264) [ 275.284415][ T4335] ? asmexcinvalidop (arch/x86/include/asm/idtentry.h:568) [ 275.284859][ T4335] ? trygetfolio (include/linux/pageref.h:275 (discriminator 3) mm/gup.c:79 (discriminator 3)) [ 275.285278][ T4335] trygrabfolio (mm/gup.c:148) [ 275.285684][ T4335] getuserpages (mm/gup.c:1297 (discriminator 1)) [ 275.286111][ T4335] ? _pfxgetuserpages (mm/gup.c:1188) [ 275.286579][ T4335] ? pfxvalidatechain (kernel/locking/lockdep.c:3825) [ 275.287034][ T4335] ? marklock (kernel/locking/lockdep.c:4656 (discriminator 1)) [ 275.287416][ T4335] _guplongtermlocked (mm/gup.c:1509 mm/gup.c:2209) [ 275.288192][ T4335] ? _pfxguplongtermlocked (mm/gup.c:2204) [ 275.288697][ T4335] ? pfxlockacquire (kernel/locking/lockdep.c:5722) [ 275.289135][ T4335] ? _pfxmightresched (kernel/sched/core.c:10106) [ 275.289595][ T4335] pinuserpagesremote (mm/gup.c:3350) [ 275.290041][ T4335] ? _pfxpinuserpagesremote (mm/gup.c:3350) [ 275.290545][ T4335] ? findheldlock (kernel/locking/lockdep.c:5244 (discriminator 1)) [ 275.290961][ T4335] ? mmaccess (kernel/fork.c:1573) [ 275.291353][ T4335] processvmrwsinglevec+0x142/0x360 [ 275.291900][ T4335] ? _pfxprocessvmrwsinglevec+0x10/0x10 [ 275.292471][ T4335] ? mmaccess (kernel/fork.c:1573) [ 275.292859][ T4335] processvmrwcore+0x272/0x4e0 [ 275.293384][ T4335] ? hlockclass (a ---truncated---

References

Affected packages

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.9.11-1

Affected versions

6.*

6.1.27-1
6.1.37-1
6.1.38-1
6.1.38-2~bpo11+1
6.1.38-2
6.1.38-3
6.1.38-4~bpo11+1
6.1.38-4
6.1.52-1
6.1.55-1~bpo11+1
6.1.55-1
6.1.64-1
6.1.66-1
6.1.67-1
6.1.69-1~bpo11+1
6.1.69-1
6.1.76-1~bpo11+1
6.1.76-1
6.1.82-1
6.1.85-1
6.1.90-1~bpo11+1
6.1.90-1
6.1.94-1~bpo11+1
6.1.94-1
6.1.98-1
6.1.99-1
6.1.106-1
6.1.106-2
6.1.106-3
6.3.1-1~exp1
6.3.2-1~exp1
6.3.4-1~exp1
6.3.5-1~exp1
6.3.7-1~bpo12+1
6.3.7-1
6.3.11-1
6.4~rc6-1~exp1
6.4~rc7-1~exp1
6.4.1-1~exp1
6.4.4-1~bpo12+1
6.4.4-1
6.4.4-2
6.4.4-3~bpo12+1
6.4.4-3
6.4.11-1
6.4.13-1
6.5~rc4-1~exp1
6.5~rc6-1~exp1
6.5~rc7-1~exp1
6.5.1-1~exp1
6.5.3-1~bpo12+1
6.5.3-1
6.5.6-1
6.5.8-1
6.5.10-1~bpo12+1
6.5.10-1
6.5.13-1
6.6.3-1~exp1
6.6.4-1~exp1
6.6.7-1~exp1
6.6.8-1
6.6.9-1
6.6.11-1
6.6.13-1~bpo12+1
6.6.13-1
6.6.15-1
6.6.15-2
6.7-1~exp1
6.7.1-1~exp1
6.7.4-1~exp1
6.7.7-1
6.7.9-1
6.7.9-2
6.7.12-1~bpo12+1
6.7.12-1
6.8.9-1
6.8.11-1
6.8.12-1~bpo12+1
6.8.12-1
6.9.2-1~exp1
6.9.7-1~bpo12+1
6.9.7-1
6.9.8-1
6.9.9-1
6.9.10-1~bpo12+1
6.9.10-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}