CVE-2024-35987

May 20, 2024, 1 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: riscv: Fix loading 64-bit NOMMU kernels past the start of RAM commit 3335068f8721 ("riscv: Use PUD/P4D/PGD pages for the linear mapping") added logic to allow using RAM below the kernel load address. However, this does not work for NOMMU, where PAGE_OFFSET is fixed to the kernel load address. Since that range of memory corresponds to PFNs below ARCH_PFN_OFFSET, mm initialization runs off the beginning of mem_map and corrupts adjacent kernel memory. Fix this by restoring the previous behavior for NOMMU kernels.

Product(s) Impacted

Product Versions
Linux kernel
  • []

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/aea702dde7e9876fb00571a2602f25130847bf0f
https://git.kernel.org/stable/c/b008e327fa570aca210f98c817757649bae56694
https://git.kernel.org/stable/c/ea6628e4e2353978af7e3b4ad4fdaab6149acf3d

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-05-20
CVE-2024-35987

Timeline

Published: May 20, 2024, 10:15 a.m.
Last Modified: May 20, 2024, 1 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.