CVE-2024-42258

2024-08-1200:00:00

ubuntu.com

linux kernel

vulnerability

cve-2024-42258

huge page alignment

32-bit machines

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

7.3

Confidence

Low

JSON

In the Linux kernel, the following vulnerability has been resolved:
mm: huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit
machines
Yves-Alexis Perez reported commit 4ef9ad19e176 (“mm: huge_memory: don’t
force huge page alignment on 32 bit”) didn’t work for x86_32 [1]. It is
because x86_32 uses CONFIG_X86_32 instead of CONFIG_32BIT.
!CONFIG_64BIT should cover all 32 bit machines.
[1]
https://lore.kernel.org/linux-mm/CAHbLzkr1LwH3pcTgM+aGQ31ip2bKqiqEQ8=FQB+t2c3dhNKNHA@mail.gmail.com/

OSVersionArchitecturePackageVersionFilename
ubuntu24.04noarchlinux< anyUNKNOWN
ubuntu24.04noarchlinux-aws< anyUNKNOWN
ubuntu24.04noarchlinux-azure< anyUNKNOWN
ubuntu24.04noarchlinux-gcp< anyUNKNOWN
ubuntu24.04noarchlinux-gke< anyUNKNOWN
ubuntu22.04noarchlinux-hwe-6.8< anyUNKNOWN
ubuntu24.04noarchlinux-ibm< anyUNKNOWN
ubuntu24.04noarchlinux-intel< anyUNKNOWN
ubuntu24.04noarchlinux-lowlatency< anyUNKNOWN
ubuntu22.04noarchlinux-lowlatency-hwe-6.8< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	24.04	noarch	linux	< any	UNKNOWN
ubuntu	24.04	noarch	linux-aws	< any	UNKNOWN
ubuntu	24.04	noarch	linux-azure	< any	UNKNOWN
ubuntu	24.04	noarch	linux-gcp	< any	UNKNOWN
ubuntu	24.04	noarch	linux-gke	< any	UNKNOWN
ubuntu	22.04	noarch	linux-hwe-6.8	< any	UNKNOWN
ubuntu	24.04	noarch	linux-ibm	< any	UNKNOWN
ubuntu	24.04	noarch	linux-intel	< any	UNKNOWN
ubuntu	24.04	noarch	linux-lowlatency	< any	UNKNOWN
ubuntu	22.04	noarch	linux-lowlatency-hwe-6.8	< any	UNKNOWN