Restrict User Access to Kernel Memory

CVE-2024-46792

Currently unrated 🤨

Key Information

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 18 September 2024

Summary

In the Linux kernel, the following vulnerability has been resolved: riscv: misaligned: Restrict user access to kernel memory raw_copy_{to,from}_user() do not call access_ok(), so this code allowed userspace to access any virtual memory address.

Affected Version(s)

Linux < 7c83232161f6

Linux <= 6.7

Timeline

Vulnerability published.
Sep 18, 2024
Vulnerability Reserved.
Sep 11, 2024

Collectors

NVD DatabaseMitre Database