CVE-2024-0564 Kernel: max page sharing of kernel samepage merging (ksm) may cause memory deduplication

🗓️ 30 Jan 2024 15:01:08Reported by redhatType

CVE-2024-0564 Kernel: max page sharing of Kernel Samepage Merging (KSM

Reporter	Title	Published	Views	Family All 31
BDU FSTEC	The vulnerability of the Kernel Samepage Merging (KSM) component in the Linux operating system allows a hacker to gain access to the user’s page.	7 Feb 202400:00	–	bdu_fstec
Circl	CVE-2024-0564	30 Jan 202416:21	–	circl
CNNVD	Linux kernel security vulnerabilities	30 Jan 202400:00	–	cnnvd
CVE	CVE-2024-0564	30 Jan 202415:01	–	cve
Debian CVE	CVE-2024-0564	30 Jan 202415:01	–	debiancve
EUVD	EUVD-2024-16357	3 Oct 202520:07	–	euvd
NVD	CVE-2024-0564	30 Jan 202415:15	–	nvd
OSV	CVE-2024-0564	30 Jan 202415:15	–	osv
OSV	DEBIAN-CVE-2024-0564	30 Jan 202415:15	–	osv
OSV	ECHO-9AD0-4A61-6710	15 Sep 202501:11	–	osv

[
  {
    "versions": [
      {
        "status": "unaffected",
        "version": "0",
        "lessThan": "4.4.0-96.119",
        "versionType": "semver"
      }
    ],
    "packageName": "kernel",
    "collectionURL": "https://git.kernel.org/pub/scm/linux/kernel",
    "defaultStatus": "affected"
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 6",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "unknown",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:6"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "unknown",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel-rt",
    "defaultStatus": "unknown",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel-rt",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel-rt",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9"
    ]
  }
]

Source	Link
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
access	www.access.redhat.com/security/cve/CVE-2024-0564
bugs	www.bugs.launchpad.net/ubuntu/+source/linux/+bug/1680513
link	www.link.springer.com/conference/wisa
wisa	www.wisa.or.kr/accepted

21 Nov 2025 06:24Current

6.2Medium risk

Vulners AI Score6.2

CVSS 3.15.3

EPSS0.00023

CWE-203