DEBIAN-CVE-2024-41032

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2024-41032

Import Source

https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2024-41032.json

JSON Data

https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2024-41032

Upstream

CVE-2024-41032

Published

2024-07-29T15:15:11Z

Modified

2025-09-19T06:18:49Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved: mm: vmalloc: check if a hash-index is in cpupossiblemask The problem is that there are systems where cpupossiblemask has gaps between set CPUs, for example SPARC. In this scenario addrtovbxa() hash function can return an index which accesses to not-possible and not setup CPU area using percpu() macro. This results in an oops on SPARC. A per-cpu vmapblockqueue is also used as hash table, incorrectly assuming the cpupossiblemask has no gaps. Fix it by adjusting an index to a next possible CPU.

References

https://security-tracker.debian.org/tracker/CVE-2024-41032

Affected packages

Debian:13 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.9.10-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:14 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.9.10-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}