| { |
| "containers": { |
| "cna": { |
| "providerMetadata": { |
| "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038" |
| }, |
| "descriptions": [ |
| { |
| "lang": "en", |
| "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86, relocs: Ignore relocations in .notes section\n\nWhen building with CONFIG_XEN_PV=y, .text symbols are emitted into\nthe .notes section so that Xen can find the \"startup_xen\" entry point.\nThis information is used prior to booting the kernel, so relocations\nare not useful. In fact, performing relocations against the .notes\nsection means that the KASLR base is exposed since /sys/kernel/notes\nis world-readable.\n\nTo avoid leaking the KASLR base without breaking unprivileged tools that\nare expecting to read /sys/kernel/notes, skip performing relocations in\nthe .notes section. The values readable in .notes are then identical to\nthose found in System.map." |
| } |
| ], |
| "affected": [ |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "unaffected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "arch/x86/tools/relocs.c" |
| ], |
| "versions": [ |
| { |
| "version": "5ead97c84fa7d63a6a7a2f4e9f18f452bd109045", |
| "lessThan": "13edb509abc91c72152a11baaf0e7c060a312e03", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "5ead97c84fa7d63a6a7a2f4e9f18f452bd109045", |
| "lessThan": "52018aa146e3cf76569a9b1e6e49a2b7c8d4a088", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "5ead97c84fa7d63a6a7a2f4e9f18f452bd109045", |
| "lessThan": "a4e7ff1a74274e59a2de9bb57236542aa990d20a", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "5ead97c84fa7d63a6a7a2f4e9f18f452bd109045", |
| "lessThan": "c7cff9780297d55d97ad068b68b703cfe53ef9af", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "5ead97c84fa7d63a6a7a2f4e9f18f452bd109045", |
| "lessThan": "47635b112a64b7b208224962471e7e42f110e723", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "5ead97c84fa7d63a6a7a2f4e9f18f452bd109045", |
| "lessThan": "af2a9f98d884205145fd155304a6955822ccca1c", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "5ead97c84fa7d63a6a7a2f4e9f18f452bd109045", |
| "lessThan": "ae7079238f6faf1b94accfccf334e98b46a0c0aa", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "5ead97c84fa7d63a6a7a2f4e9f18f452bd109045", |
| "lessThan": "5cb59db49c9c0fccfd33b2209af4f7ae3c6ddf40", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "5ead97c84fa7d63a6a7a2f4e9f18f452bd109045", |
| "lessThan": "aaa8736370db1a78f0e8434344a484f9fd20be3b", |
| "status": "affected", |
| "versionType": "git" |
| } |
| ] |
| }, |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "affected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "arch/x86/tools/relocs.c" |
| ], |
| "versions": [ |
| { |
| "version": "2.6.23", |
| "status": "affected" |
| }, |
| { |
| "version": "0", |
| "lessThan": "2.6.23", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "4.19.311", |
| "lessThanOrEqual": "4.19.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.4.273", |
| "lessThanOrEqual": "5.4.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.10.214", |
| "lessThanOrEqual": "5.10.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.15.153", |
| "lessThanOrEqual": "5.15.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.1.83", |
| "lessThanOrEqual": "6.1.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.6.23", |
| "lessThanOrEqual": "6.6.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.7.11", |
| "lessThanOrEqual": "6.7.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.8.2", |
| "lessThanOrEqual": "6.8.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.9", |
| "lessThanOrEqual": "*", |
| "status": "unaffected", |
| "versionType": "original_commit_for_fix" |
| } |
| ] |
| } |
| ], |
| "cpeApplicability": [ |
| { |
| "nodes": [ |
| { |
| "operator": "OR", |
| "negate": false, |
| "cpeMatch": [ |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "2.6.23", |
| "versionEndExcluding": "4.19.311" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "2.6.23", |
| "versionEndExcluding": "5.4.273" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "2.6.23", |
| "versionEndExcluding": "5.10.214" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "2.6.23", |
| "versionEndExcluding": "5.15.153" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "2.6.23", |
| "versionEndExcluding": "6.1.83" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "2.6.23", |
| "versionEndExcluding": "6.6.23" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "2.6.23", |
| "versionEndExcluding": "6.7.11" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "2.6.23", |
| "versionEndExcluding": "6.8.2" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "2.6.23", |
| "versionEndExcluding": "6.9" |
| } |
| ] |
| } |
| ] |
| } |
| ], |
| "references": [ |
| { |
| "url": "https://git.kernel.org/stable/c/13edb509abc91c72152a11baaf0e7c060a312e03" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/52018aa146e3cf76569a9b1e6e49a2b7c8d4a088" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/a4e7ff1a74274e59a2de9bb57236542aa990d20a" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/c7cff9780297d55d97ad068b68b703cfe53ef9af" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/47635b112a64b7b208224962471e7e42f110e723" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/af2a9f98d884205145fd155304a6955822ccca1c" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/ae7079238f6faf1b94accfccf334e98b46a0c0aa" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/5cb59db49c9c0fccfd33b2209af4f7ae3c6ddf40" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/aaa8736370db1a78f0e8434344a484f9fd20be3b" |
| } |
| ], |
| "title": "x86, relocs: Ignore relocations in .notes section", |
| "x_generator": { |
| "engine": "bippy-1.2.0" |
| } |
| } |
| }, |
| "cveMetadata": { |
| "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038", |
| "cveID": "CVE-2024-26816", |
| "requesterUserId": "gregkh@kernel.org", |
| "serial": "1", |
| "state": "PUBLISHED" |
| }, |
| "dataType": "CVE_RECORD", |
| "dataVersion": "5.0" |
| } |
