CVE-2024-45014

Source: https://nvd.nist.gov/vuln/detail/CVE-2024-45014
Import Source: https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-45014.json
JSON Data: https://api.osv.dev/v1/vulns/CVE-2024-45014
Published: 2024-09-11T15:13:50Z
Modified: 2025-10-15T14:20:10.785867Z
Summary
s390/boot: Avoid possible physmem_info segment corruption
Details

In the Linux kernel, the following vulnerability has been resolved:

s390/boot: Avoid possible physmem_info segment corruption

When physical memory for the kernel image is allocated it does not consider extra memory required for offsetting the image start to match it with the lower 20 bits of KASLR virtual base address. That might lead to kernel access beyond its memory range.

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events:
  Introduced: 693d41f7c938f92d881e6a51525e6c132a186afd
  Fixed: a944cba5d57687b747023c3bc074fcf9c790f7df

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events:
  Introduced: 693d41f7c938f92d881e6a51525e6c132a186afd
  Fixed: d7fd2941ae9a67423d1c7bee985f240e4686634f

Affected versions

v6.*

v6.10
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.10.1
v6.10.2
v6.10.3
v6.10.4
v6.10.5
v6.10.6
v6.11-rc1
v6.11-rc2

Database specific

vanir_signatures

[
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a944cba5d57687b747023c3bc074fcf9c790f7df",
        "signature_version": "v1",
        "target": {
            "file": "arch/s390/boot/startup.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "220576791480022393276652824459459896624",
                "291268657103799048435845198806693019350",
                "40652228346666965575646894066972110647",
                "113112548238130848622439178867885135125",
                "250730255947036169673795366920439560506"
            ]
        },
        "deprecated": false,
        "signature_type": "Line",
        "id": "CVE-2024-45014-9dc34fc4"
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a944cba5d57687b747023c3bc074fcf9c790f7df",
        "signature_version": "v1",
        "target": {
            "file": "arch/s390/boot/startup.c",
            "function": "startup_kernel"
        },
        "digest": {
            "length": 2047.0,
            "function_hash": "214592135143854118062943006265123693172"
        },
        "deprecated": false,
        "signature_type": "Function",
        "id": "CVE-2024-45014-aa4edee0"
    }
]

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events:
  Introduced: 6.10.0
  Fixed: 6.10.7