CVE-2024-26621 | Mend Vulnerability Database

Vulnerability DatabaseCVE-2024-26621

CVE-2024-26621

March 02, 2024

In the Linux kernel, the following vulnerability has been resolved: mm: huge_memory: don't force huge page alignment on 32 bit commit efa7df3e3bb5 ("mm: align larger anonymous mappings on THP boundaries") caused two issues [1] [2] reported on 32 bit system or compat userspace. It doesn't make too much sense to force huge page alignment on 32 bit system due to the constrained virtual address space. [1] https://lore.kernel.org/linux-mm/d0a136a0-4a31-46bc-adf4-2db109a61672@kernel.org/ [2] https://lore.kernel.org/linux-mm/CAJuCfpHXLdQy1a2B6xN2d7quTYwg2OoZseYPZTRpU0eHHKD-sQ@mail.gmail.com/

Related Resources (30)

https://zolutal.github.io/aslrnt/

http://www.openwall.com/lists/oss-security/2024/07/08/6

http://www.openwall.com/lists/oss-security/2024/07/13/7

http://www.openwall.com/lists/oss-security/2024/07/10/8

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

https://git.kernel.org/stable/c/6ea9aa8d97e6563676094cb35755884173269555

https://git.kernel.org/stable/c/7432376c913381c5f24d373a87ff629bbde94b47

http://www.openwall.com/lists/oss-security/2024/07/10/5

https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/26xxx/CVE-2024-26621.json

http://www.openwall.com/lists/oss-security/2024/07/11/4

http://www.openwall.com/lists/oss-security/2024/07/30/2

http://www.openwall.com/lists/oss-security/2024/07/15/2

http://www.openwall.com/lists/oss-security/2024/07/11/5

http://www.openwall.com/lists/oss-security/2024/07/09/1

https://git.kernel.org/stable/c/87632bc9ecff5ded93433bc0fca428019bdd1cfe

http://www.openwall.com/lists/oss-security/2024/07/08/5

https://nvd.nist.gov/vuln/detail/CVE-2024-26621

https://git.kernel.org/stable/c/4ef9ad19e17676b9ef071309bc62020e2373705d

http://www.openwall.com/lists/oss-security/2024/07/29/2

http://www.openwall.com/lists/oss-security/2024/07/10/7

http://www.openwall.com/lists/oss-security/2024/07/08/4

http://www.openwall.com/lists/oss-security/2024/07/08/3

http://www.openwall.com/lists/oss-security/2024/07/16/2

http://www.openwall.com/lists/oss-security/2024/07/11/7

http://www.openwall.com/lists/oss-security/2024/07/13/2

http://www.openwall.com/lists/oss-security/2024/07/08/8

http://www.openwall.com/lists/oss-security/2024/07/12/3

http://www.openwall.com/lists/oss-security/2024/07/16/1

http://www.openwall.com/lists/oss-security/2024/07/15/1

http://www.openwall.com/lists/oss-security/2024/07/08/7

Do you need more information?

CVSS v4

Base Score:

6.8

Attack Vector

LOCAL

Attack Complexity

LOW

Attack Requirements

NONE

Privileges Required

LOW

User Interaction

NONE

Vulnerable System Confidentiality

NONE

Vulnerable System Integrity

NONE

Vulnerable System Availability

HIGH

Subsequent System Confidentiality

NONE

Subsequent System Integrity

NONE

Subsequent System Availability

NONE

CVSS v3

Base Score:

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

EPSS

Base Score:

0.02