Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

CVE-2024-53113

Disclosure Date: December 02, 2024 •

CVE-2024-53113 CVSS v3 Base Score: 5.5

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

In the Linux kernel, the following vulnerability has been resolved:

mm: fix NULL pointer dereference in alloc_pages_bulk_noprof

We triggered a NULL pointer dereference for ac.preferred_zoneref->zone in
alloc_pages_bulk_noprof() when the task is migrated between cpusets.

When cpuset is enabled, in prepare_alloc_pages(), ac->nodemask may be
&current->mems_allowed. when first_zones_zonelist() is called to find
preferred_zoneref, the ac->nodemask may be modified concurrently if the
task is migrated between different cpusets. Assuming we have 2 NUMA Node,
when traversing Node1 in ac->zonelist, the nodemask is 2, and when
traversing Node2 in ac->zonelist, the nodemask is 1. As a result, the
ac->preferred_zoneref points to NULL zone.

In alloc_pages_bulk_noprof(), for_each_zone_zonelist_nodemask() finds a
allowable zone and calls zonelist_node_idx(ac.preferred_zoneref), leading
to NULL pointer dereference.

__alloc_pages_noprof() fixes this issue by checking NULL pointer in commit
ea57485af8f4 (“mm, page_alloc: fix check for NULL preferred_zone”) and
commit df76cee6bbeb (“mm, page_alloc: remove redundant checks from alloc
fastpath”).

To fix it, check NULL pointer for preferred_zoneref->zone.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

5.5 Medium

Impact Score:

3.6

Exploitability Score:

1.8

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector (AV):

Local

Attack Complexity (AC):

Low

Privileges Required (PR):

Low

User Interaction (UI):

None

Scope (S):

Unchanged

Confidentiality (C):

None

Integrity (I):

None

Availability (A):

High

Vendors

linux

Products

References

Canonical

CVE-2024-53113 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53113)

Miscellaneous

https://git.kernel.org/stable/c/6addb2d9501ec866d7b3a3b4e665307c437e9be2

https://git.kernel.org/stable/c/d0f16cec79774c3132df006cf771eddd89d08f58

https://git.kernel.org/stable/c/31502374627ba9ec3e710dbd0bb00457cc6d2c19

https://git.kernel.org/stable/c/8ce41b0f9d77cca074df25afd39b86e2ee3aa68e

https://git.kernel.org/stable/c/903d896448c2e50e8652aaba529a30d4d1eaa0e5

Rapid7

Unknown

CVE-2024-53113

Unknown

Unknown

None

Low

Local

CVE-2024-53113

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Unknown

CVE-2024-53113

Unknown

Unknown

None

Low

Local

CVE-2024-53113

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Quick Cookie Notification