Lucene search
LinuxCVE-2024-26618HistoryMar 11, 2024 - 6:15 p.m.
CVE-2024-26618
2024-03-1118:15:19
Linux
web.nvd.nist.gov
4834
linux kernel
arm64
sme
vulnerability
security
cve-2024-26618
In the Linux kernel, the following vulnerability has been resolved:
arm64/sme: Always exit sme_alloc() early with existing storage
When sme_alloc() is called with existing storage and we are not flushing we
will always allocate new storage, both leaking the existing storage and
corrupting the state. Fix this by separating the checks for flushing and
for existing storage as we do for SVE.
Callers that reallocate (eg, due to changing the vector length) should
call sme_free() themselves.
Affected configurations
Node
linuxlinux_kernelRange6.5–6.6.15
ORlinuxlinux_kernelRange6.7.0–6.7.3
ORlinuxlinux_kernelRange6.8.0≥
| Vendor | Product | Version | CPE |
|---|---|---|---|
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"arch/arm64/kernel/fpsimd.c"
],
"versions": [
{
"version": "5d0a8d2fba50",
"lessThan": "569156e4fa34",
"status": "affected",
"versionType": "git"
},
{
"version": "5d0a8d2fba50",
"lessThan": "814af6b4e600",
"status": "affected",
"versionType": "git"
},
{
"version": "5d0a8d2fba50",
"lessThan": "dc7eb8755797",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"arch/arm64/kernel/fpsimd.c"
],
"versions": [
{
"version": "6.5",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.5",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.15",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.3",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]Related
cvelist
cvelist
ubuntucve
ubuntucve
CVE-2024-26618
2024-03-11 00:00:00
debiancve
debiancve
CVE-2024-26618
2024-03-11 18:15:19
prion
prion
Spoofing
2024-03-11 18:15:00
vulnrichment
vulnrichment
nvd
nvd
CVE-2024-26618
2024-03-11 18:15:19
redhatcve
redhatcve
CVE-2024-26618
2024-03-12 16:12:38
osv
osv
linux-oem-6.5 vulnerabilities
2024-05-07 15:22:10
linux-oracle-6.5 vulnerabilities
2024-06-26 13:01:54
ubuntu
ubuntu
Linux kernel (OEM) vulnerabilities
2024-05-07 00:00:00
Linux kernel vulnerabilities
2024-06-07 00:00:00
Linux kernel (ARM laptop) vulnerabilities
2024-06-10 00:00:00
nessus
nessus
Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6765-1)
2024-05-07 00:00:00
Ubuntu 22.04 LTS / 23.10 : Linux kernel vulnerabilities (USN-6819-1)
2024-06-07 00:00:00
Ubuntu 22.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-6819-4)
2024-06-26 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6765-1)
2024-05-08 00:00:00
Ubuntu: Security Advisory (USN-6819-1)
2024-06-10 00:00:00
Ubuntu: Security Advisory (USN-6819-4)
2024-06-27 00:00:00