CVE-2024-53137

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-53137

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-53137.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-53137

Downstream

BELL-CVE-2024-53137

UBUNTU-CVE-2024-53137

USN-7310-1

Related

Published

2024-12-04T15:15:13Z

Modified

2024-12-11T17:01:09Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

ARM: fix cacheflush with PAN

It seems that the cacheflush syscall got broken when PAN for LPAE was implemented. User access was not enabled around the cache maintenance instructions, causing them to fault.

References

Affected packages

Debian:13 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.11.10-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}