CVE-2024-35871

A vulnerability was found in the Linux kernel affecting the RISC-V architecture, where the kernel global pointer gp can be leaked to user space. This issue occurs when a user-mode helper thread, such as /sbin/init starts a new process via execve without clearing the kernel registers, allowing...

DEBIAN-CVE-2024-35871

In the Linux kernel, the following vulnerability has been resolved: riscv: process: Fix kernel gp leakage childregs represents the registers which are active for the new thread in user context. For a kernel thread, childregs-gp is never used since the kernel gp is not touched by switchto. For a...

UBUNTU-CVE-2024-35871

In the Linux kernel, the following vulnerability has been resolved: riscv: process: Fix kernel gp leakage childregs represents the registers which are active for the new thread in user context. For a kernel thread, childregs-gp is never used since the kernel gp is not touched by switchto. For a...

CVE-2024-35871

CVE-2024-35871 concerns a kernel-level issue in riscv process handling that leaks the kernel global pointer (gp) via user-space observables. The vulnerability stems from how childregs (the user-context registers during syscall) can expose kernel gp in several ways (e.g., after execve, via ptrace,...