CVE-2024-52319
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-52319
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-52319.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-52319
- Downstream
- Related
- Published
- 2025-01-11T12:35:39Z
- Modified
- 2025-10-17T16:37:30.673447Z
- Summary
- mm: use aligned address in clear_gigantic_page()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
mm: use aligned address in cleargiganticpage()
In current kernel, hugetlbnopage() calls foliozerouser() with the fault address. Where the fault address may be not aligned with the huge page size. Then, foliozerouser() may call cleargiganticpage() with the address, while cleargiganticpage() requires the address to be huge page size aligned. So, this may cause memory corruption or information leak, addtional, use more obvious naming 'addrhint' instead of 'addr' for cleargigantic_page().
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced78fefd04c123493bbf28434768fa577b2153c79bFixedb79b6fe0737f233f0be1465052b7f0e75f324735
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced78fefd04c123493bbf28434768fa577b2153c79bFixed8aca2bc96c833ba695ede7a45ad7784c836a262e
Affected versions
v6.*
v6.10
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.2
v6.12.3
v6.12.4
v6.12.5
v6.12.6
v6.13-rc1
v6.13-rc2
v6.13-rc3
Database specific
vanir_signatures
[
{
"target": {
"file": "fs/hugetlbfs/inode.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8aca2bc96c833ba695ede7a45ad7784c836a262e",
"signature_type": "Line",
"deprecated": false,
"digest": {
"line_hashes": [
"113220166091718704246204574036857437380",
"12636513108352238366399925937561503785",
"225490542209991719533918806232565415640",
"61597799403023355513678454884794027959"
],
"threshold": 0.9
},
"id": "CVE-2024-52319-08a72b3a",
"signature_version": "v1"
},
{
"target": {
"function": "hugetlbfs_fallocate",
"file": "fs/hugetlbfs/inode.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b79b6fe0737f233f0be1465052b7f0e75f324735",
"signature_type": "Function",
"deprecated": false,
"digest": {
"length": 1989.0,
"function_hash": "183269954610093949940697013689774370958"
},
"id": "CVE-2024-52319-0ad92cbf",
"signature_version": "v1"
},
{
"target": {
"file": "mm/memory.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8aca2bc96c833ba695ede7a45ad7784c836a262e",
"signature_type": "Line",
"deprecated": false,
"digest": {
"line_hashes": [
"72164938407982695752038859223862686540",
"102289086724653727334260687757290412461",
"50862739636076233918685907622438873",
"82156466689418724608254679133201815112",
"77853945550134999680849684290100904214",
"62126361373508335145993129586689436663"
],
"threshold": 0.9
},
"id": "CVE-2024-52319-843ba0bc",
"signature_version": "v1"
},
{
"target": {
"function": "clear_gigantic_page",
"file": "mm/memory.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b79b6fe0737f233f0be1465052b7f0e75f324735",
"signature_type": "Function",
"deprecated": false,
"digest": {
"length": 240.0,
"function_hash": "29734476608023705659901687813895764203"
},
"id": "CVE-2024-52319-8848bdc4",
"signature_version": "v1"
},
{
"target": {
"file": "mm/memory.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b79b6fe0737f233f0be1465052b7f0e75f324735",
"signature_type": "Line",
"deprecated": false,
"digest": {
"line_hashes": [
"72164938407982695752038859223862686540",
"102289086724653727334260687757290412461",
"50862739636076233918685907622438873",
"82156466689418724608254679133201815112",
"77853945550134999680849684290100904214",
"62126361373508335145993129586689436663"
],
"threshold": 0.9
},
"id": "CVE-2024-52319-9e1520b6",
"signature_version": "v1"
},
{
"target": {
"function": "hugetlbfs_fallocate",
"file": "fs/hugetlbfs/inode.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8aca2bc96c833ba695ede7a45ad7784c836a262e",
"signature_type": "Function",
"deprecated": false,
"digest": {
"length": 2072.0,
"function_hash": "152500406567183443149781700480475816530"
},
"id": "CVE-2024-52319-b2089d93",
"signature_version": "v1"
},
{
"target": {
"function": "clear_gigantic_page",
"file": "mm/memory.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8aca2bc96c833ba695ede7a45ad7784c836a262e",
"signature_type": "Function",
"deprecated": false,
"digest": {
"length": 240.0,
"function_hash": "29734476608023705659901687813895764203"
},
"id": "CVE-2024-52319-e2a16890",
"signature_version": "v1"
},
{
"target": {
"file": "fs/hugetlbfs/inode.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b79b6fe0737f233f0be1465052b7f0e75f324735",
"signature_type": "Line",
"deprecated": false,
"digest": {
"line_hashes": [
"113220166091718704246204574036857437380",
"12636513108352238366399925937561503785",
"225490542209991719533918806232565415640",
"61597799403023355513678454884794027959"
],
"threshold": 0.9
},
"id": "CVE-2024-52319-e6b6f1e2",
"signature_version": "v1"
}
]