Google Git
Sign in
kernel / pub / scm / linux / security / vulns / refs/heads/sasha-vulnerable / . / cve / published / 2024 / CVE-2024-40917.json
blob: 186feb42dd773ec96ec099a8a1be9d0bd03be652 [file] [log] [blame]
{
"containers": {
"cna": {
"providerMetadata": {
"orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038"
},
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemblock: make memblock_set_node() also warn about use of MAX_NUMNODES\n\nOn an (old) x86 system with SRAT just covering space above 4Gb:\n\n ACPI: SRAT: Node 0 PXM 0 [mem 0x100000000-0xfffffffff] hotplug\n\nthe commit referenced below leads to this NUMA configuration no longer\nbeing refused by a CONFIG_NUMA=y kernel (previously\n\n NUMA: nodes only cover 6144MB of your 8185MB e820 RAM. Not used.\n No NUMA configuration found\n Faking a node at [mem 0x0000000000000000-0x000000027fffffff]\n\nwas seen in the log directly after the message quoted above), because of\nmemblock_validate_numa_coverage() checking for NUMA_NO_NODE (only). This\nin turn led to memblock_alloc_range_nid()'s warning about MAX_NUMNODES\ntriggering, followed by a NULL deref in memmap_init() when trying to\naccess node 64's (NODE_SHIFT=6) node data.\n\nTo compensate said change, make memblock_set_node() warn on and adjust\na passed in value of MAX_NUMNODES, just like various other functions\nalready do."
}
],
"affected": [
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"mm/memblock.c"
],
"versions": [
{
"version": "6fdc770506eb8379bf68a49d4e193c8364ac64e0",
"lessThan": "4ddb7f966f3d06fcf1ba5ee298af6714b593584b",
"status": "affected",
"versionType": "git"
},
{
"version": "ff6c3d81f2e86b63a3a530683f89ef393882782a",
"lessThan": "22f742b8f738918f683198a18ec3c691acda14c4",
"status": "affected",
"versionType": "git"
},
{
"version": "ff6c3d81f2e86b63a3a530683f89ef393882782a",
"lessThan": "e0eec24e2e199873f43df99ec39773ad3af2bff7",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"mm/memblock.c"
],
"versions": [
{
"version": "6.8",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.8",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.72",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.9.6",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.10",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6.70",
"versionEndExcluding": "6.6.72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.8",
"versionEndExcluding": "6.9.6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.8",
"versionEndExcluding": "6.10"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/4ddb7f966f3d06fcf1ba5ee298af6714b593584b"
},
{
"url": "https://git.kernel.org/stable/c/22f742b8f738918f683198a18ec3c691acda14c4"
},
{
"url": "https://git.kernel.org/stable/c/e0eec24e2e199873f43df99ec39773ad3af2bff7"
}
],
"title": "memblock: make memblock_set_node() also warn about use of MAX_NUMNODES",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038",
"cveID": "CVE-2024-40917",
"requesterUserId": "gregkh@kernel.org",
"serial": "1",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.0"
}