CVE-2024-26710

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-26710
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-26710.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-26710
Downstream
Published
2024-04-03T14:55:12.583Z
Modified
2025-12-29T05:31:50.160769Z
Summary
powerpc/kasan: Limit KASAN thread size increase to 32KB
Details

In the Linux kernel, the following vulnerability has been resolved:

powerpc/kasan: Limit KASAN thread size increase to 32KB

KASAN is seen to increase stack usage, to the point that it was reported to lead to stack overflow on some 32-bit machines (see link).

To avoid overflows the stack size was doubled for KASAN builds in commit 3e8635fb2e07 ("powerpc/kasan: Force thread size increase with KASAN").

However with a 32KB stack size to begin with, the doubling leads to a 64KB stack, which causes build errors: arch/powerpc/kernel/switch.S:249: Error: operand out of range (0x000000000000fe50 is not between 0xffffffffffff8000 and 0x0000000000007fff)

Although the asm could be reworked, in practice a 32KB stack seems sufficient even for KASAN builds - the additional usage seems to be in the 2-3KB range for a 64-bit KASAN build.

So only increase the stack for KASAN if the stack size is < 32KB.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/26xxx/CVE-2024-26710.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
9ccf64e763aca088b0d25c1274af42b1a6a45135
Fixed
f9a4c401bf4c5af3437ad221c0a5880a518068d4
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
b38014874530d3776de75679315e8c1fe04aa89b
Fixed
4cc31fa07445879a13750cb061bb8c2654975fcb
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
58f396513cb1fa4ef91838c78698d458100cc27c
Fixed
b29b16bd836a838b7690f80e37f8376414c74cbe
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
18f14afe281648e31ed35c9ad2fcb724c4838ad9
Fixed
f1acb109505d983779bbb7e20a1ee6244d2b5736

Affected versions

v6.*

v6.1.75
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.7
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.7.2
v6.7.3
v6.7.4
v6.7.5
v6.8-rc1
v6.8-rc2

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-26710.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.1.75
Fixed
6.1.76
Type
ECOSYSTEM
Events
Introduced
6.6.14
Fixed
6.6.18
Type
ECOSYSTEM
Events
Introduced
6.7.2
Fixed
6.7.6

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-26710.json"