CVE-2024-40944 in LinuxИнформация

Сводка

по MITRE • 12.07.2024

In the Linux kernel, the following vulnerability has been resolved:

x86/kexec: Fix bug with call depth tracking

The call to cc_platform_has() triggers a fault and system crash if call depth tracking is active because the GS segment has been reset by load_segments() and GS_BASE is now 0 but call depth tracking uses per-CPU variables to operate.

Call cc_platform_has() earlier in the function when GS is still valid.

[ bp: Massage. ]

Be aware that VulDB is the high quality source for vulnerability data.

Ответственный

Linux

Резервировать

12.07.2024

Раскрытие

12.07.2024

Модерация

принято

Вход

VDB-271369

EPSS

0.00239

KEV

Нет

Деятельности

Очень низкий

Источники

Might our Artificial Intelligence support you?

Check our Alexa App!