VDB

CISA-2024-53109

CISA-2024-53109 PUBLISHED CVSS 5.5 MEDIUM

Reported by Linux · Published December 2, 2024

In the Linux kernel, the following vulnerability has been resolved: nommu: pass NULL argument to vma_iter_prealloc() When deleting a vma entry from a maple tree, it has to pass NULL to vma_iter_prealloc() in order to calculate internal state of the tree, but it passed a wrong argument. As a result, nommu kernels crashed upon accessing a vma iterator, such as acct_collect() reading the size of vma entries after do_munmap(). This commit fixes this issue by passing a right argument to the preallocation call.

Risk Scores

CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
LinuxLinuxb5df09226450165c434084d346fcb6d4858b0d52, b5df09226450165c434084d346fcb6d4858b0d52, b5df09226450165c434084d346fcb6d4858b0d52
LinuxLinux6.6, 0, 6.6.63
linuxlinux_kernel6.6, 6.6, 6.6
LinuxLinuxb5df09226450165c434084d346fcb6d4858b0d52, b5df09226450165c434084d346fcb6d4858b0d52, b5df09226450165c434084d346fcb6d4858b0d52

Timeline

  • Dec 2, 2024 CVE Published
  • Oct 1, 2025 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›