CVE-2024-49975

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-49975
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-49975.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-49975
Downstream
Related
Published
2024-10-21T18:02:23.099Z
Modified
2026-03-11T07:48:11.616148Z
Summary
uprobes: fix kernel info leak via "[uprobes]" vma
Details

In the Linux kernel, the following vulnerability has been resolved:

uprobes: fix kernel info leak via "[uprobes]" vma

xoladdvma() maps the uninitialized page allocated by _createxolarea() into userspace. On some architectures (x86) this memory is readable even without VMREAD, VMEXEC results in the same pgprott as VMEXEC|VMREAD, although this doesn't really matter, debugger can read this memory anyway.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/49xxx/CVE-2024-49975.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
d4b3b6384f98f8692ad0209891ccdbc7e78bbefe
Fixed
f31f92107e5a8ecc8902705122c594e979a351fe
Fixed
fe5e9182d3e227476642ae2b312e2356c4d326a3
Fixed
f561b48d633ac2e7d0d667020fc634a96ade33a0
Fixed
21cb47db1ec9765f91304763a24565ddc22d2492
Fixed
24141df5a8615790950deedd926a44ddf1dfd6d8
Fixed
5b981d8335e18aef7908a068529a3287258ff6d8
Fixed
2aa45f43709ba2082917bd2973d02687075b6eee
Fixed
9634e8dc964a4adafa7e1535147abd7ec29441a6
Fixed
34820304cc2cd1804ee1f8f3504ec77813d29c8e

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-49975.json"