Memory Corruption and Information Leak in Linux Kernel by Vendor
CVE-2024-52319

Currently unrated

Key Information:

Vendor

Linux

Status
Vendor
CVE Published:
11 January 2025

What is CVE-2024-52319?

A vulnerability in the Linux kernel can lead to memory corruption or information leaks due to the handling of unaligned fault addresses within the hugetlb_no_page() function. When the fault address does not align correctly with the required huge page size, it can adversely affect system stability. The issue arises in the clear_gigantic_page() function, which requires proper alignment. This situation poses significant risks to system integrity and confidentiality, necessitating immediate attention and remediation.

Affected Version(s)

Linux 78fefd04c123493bbf28434768fa577b2153c79b

Linux 78fefd04c123493bbf28434768fa577b2153c79b < 8aca2bc96c833ba695ede7a45ad7784c836a262e

Linux 6.11

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.