Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

Unknown

Privileges Required

Unknown

Attack Vector

Unknown

CVE-2024-26947

Disclosure Date: May 01, 2024 •

CVE-2024-26947

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

In the Linux kernel, the following vulnerability has been resolved:

ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses

Since commit a4d5613c4dc6 (“arm: extend pfn_valid to take into account
freed memory map alignment”) changes the semantics of pfn_valid() to check
presence of the memory map for a PFN. A valid page for an address which
is reserved but not mapped by the kernel1, the system crashed during
some uio test with the following memory layout:

node 0: [mem 0x00000000c0a00000-0x00000000cc8fffff]
node 0: [mem 0x00000000d0000000-0x00000000da1fffff]
the uio layout is：0xc0900000, 0x100000

the crash backtrace like:

Unable to handle kernel paging request at virtual address bff00000
[…]
CPU: 1 PID: 465 Comm: startapp.bin Tainted: G O 5.10.0 #1
Hardware name: Generic DT based system
PC is at b15_flush_kern_dcache_area+0x24/0x3c
LR is at sync_icache_dcache+0x6c/0x98
… from (sync_icache_dcache+0x6c/0x98)
(sync_icache_dcache) from (set_pte_at+0x28/0x54)
(set_pte_at) from (remap_pfn_range+0x1a0/0x274)
(remap_pfn_range) from (uio_mmap+0x184/0x1b8 [uio])
(uio_mmap [uio]) from (mmap_region+0x264/0x5f4)
(mmap_region) from (do_mmap_mm+0x3ec/0x440)
(__do_mmap_mm) from (do_mmap+0x50/0x58)
(do_mmap) from (vm_mmap_pgoff+0xfc/0x188)
(vm_mmap_pgoff) from (ksys_mmap_pgoff+0xac/0xc4)
(ksys_mmap_pgoff) from (ret_fast_syscall+0x0/0x5c)
Code: e0801001 e2423001 e1c00003 f57ff04f (ee070f3e)
—–[ end trace 09cf0734c3805d52 ]—-
Kernel panic – not syncing: Fatal exception

So check if PG_reserved was set to solve this issue.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

None

Impact Score:

Unknown

Exploitability Score:

Unknown

Vector:

Unknown

Attack Vector (AV):

Unknown

Attack Complexity (AC):

Unknown

Privileges Required (PR):

Unknown

User Interaction (UI):

Unknown

Scope (S):

Unknown

Confidentiality (C):

Unknown

Integrity (I):

Unknown

Availability (A):

Unknown

Vendors

Linux

Products

Linux

References

Canonical

CVE-2024-26947 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26947)

Miscellaneous

https://git.kernel.org/stable/c/0c027c2bad7f5111c51a358b5d392e1a695dabff

https://git.kernel.org/stable/c/9f7ddc222cae8254e93d5c169a8ae11a49d912a7

https://git.kernel.org/stable/c/fb3a122a978626b33de3367ee1762da934c0f512

https://git.kernel.org/stable/c/0c66c6f4e21cb22220cbd8821c5c73fc157d20dc

Rapid7

Unknown

CVE-2024-26947

Unknown

Unknown

Unknown

Unknown

Unknown

CVE-2024-26947

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Unknown

CVE-2024-26947

Unknown

Unknown

Unknown

Unknown

Unknown

CVE-2024-26947

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Quick Cookie Notification