CVE-2024-40944

July 12, 2024, 4:34 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fix bug with call depth tracking The call to cc_platform_has() triggers a fault and system crash if call depth tracking is active because the GS segment has been reset by load_segments() and GS_BASE is now 0 but call depth tracking uses per-CPU variables to operate. Call cc_platform_has() earlier in the function when GS is still valid. [ bp: Massage. ]

Product(s) Impacted

Product Versions
Linux Kernel

Weaknesses

References

https://git.kernel.org/stable/c/2cfb464669b645a9b98478b74f2bcea9860dcff1
https://git.kernel.org/stable/c/93c1800b3799f17375989b0daf76497dd3e80922
https://git.kernel.org/stable/c/d91ddd05082691e69b30744825d18ae799293258

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-07-12
CVE-2024-40944

Date

  • Published: July 12, 2024, 1:15 p.m.
  • Last Modified: July 12, 2024, 4:34 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.