2311711 – (CVE-2024-45014) CVE-2024-45014 kernel: s390/boot: Avoid possible physmem_info segment corruption

Bug 2311711 (CVE-2024-45014) - CVE-2024-45014 kernel: s390/boot: Avoid possible physmem_info segment corruption

Summary: CVE-2024-45014 kernel: s390/boot: Avoid possible physmem_info segment corruption

Keywords:
Status:	NEW
Alias:	CVE-2024-45014
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2311744
Blocks:
TreeView+	depends on / blocked

Reported:	2024-09-11 16:20 UTC by OSIDB Bzimport
Modified:	2024-09-13 10:14 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2024-09-11 16:20:52 UTC

In the Linux kernel, the following vulnerability has been resolved:

s390/boot: Avoid possible physmem_info segment corruption

When physical memory for the kernel image is allocated it does not
consider extra memory required for offsetting the image start to
match it with the lower 20 bits of KASLR virtual base address. That
might lead to kernel access beyond its memory range.

Comment 1 Michal Findra 2024-09-11 17:00:21 UTC

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2024091107-CVE-2024-45014-2925@gregkh/T

Note You need to log in before you can comment on or make changes to this bug.