CVE-2024-26850

{"id": "CVE-2024-26850", "cveTags": [], "metrics": {"ssvcV203": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "ssvcData": {"id": "CVE-2024-26850", "role": "CISA Coordinator", "options": [{"exploitation": "none"}, {"automatable": "no"}, {"technicalImpact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:48:41.728236Z"}}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "affected": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "affectedData": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "27af67f35631ac4b61b5e4455b44c9aee8d2cc4b", "lessThan": "d2a9510c0e39d06f5544075c13040407bdbf2803", "versionType": "git"}, {"status": "affected", "version": "27af67f35631ac4b61b5e4455b44c9aee8d2cc4b", "lessThan": "eeeddf85fc58d48c58ad916e4ca12363ebd8ab21", "versionType": "git"}, {"status": "affected", "version": "27af67f35631ac4b61b5e4455b44c9aee8d2cc4b", "lessThan": "720da1e593b85a550593b415bf1d79a053133451", "versionType": "git"}], "programFiles": ["mm/debug_vm_pgtable.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.6"}, {"status": "unaffected", "version": "0", "lessThan": "6.6", "versionType": "semver"}, {"status": "unaffected", "version": "6.6.21", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.9", "versionType": "semver", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["mm/debug_vm_pgtable.c"], "defaultStatus": "affected"}]}], "published": "2024-04-17T11:15:08.427", "references": [{"url": "https://git.kernel.org/stable/c/720da1e593b85a550593b415bf1d79a053133451", "tags": ["Mailing List", "Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/d2a9510c0e39d06f5544075c13040407bdbf2803", "tags": ["Mailing List", "Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/eeeddf85fc58d48c58ad916e4ca12363ebd8ab21", "tags": ["Mailing List", "Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/720da1e593b85a550593b415bf1d79a053133451", "tags": ["Mailing List", "Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/d2a9510c0e39d06f5544075c13040407bdbf2803", "tags": ["Mailing List", "Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/eeeddf85fc58d48c58ad916e4ca12363ebd8ab21", "tags": ["Mailing List", "Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/debug_vm_pgtable: fix BUG_ON with pud advanced test\n\nArchitectures like powerpc add debug checks to ensure we find only devmap\nPUD pte entries. These debug checks are only done with CONFIG_DEBUG_VM. \nThis patch marks the ptes used for PUD advanced test devmap pte entries so\nthat we don't hit on debug checks on architecture like ppc64 as below.\n\nWARNING: CPU: 2 PID: 1 at arch/powerpc/mm/book3s64/radix_pgtable.c:1382 radix__pud_hugepage_update+0x38/0x138\n....\nNIP [c0000000000a7004] radix__pud_hugepage_update+0x38/0x138\nLR [c0000000000a77a8] radix__pudp_huge_get_and_clear+0x28/0x60\nCall Trace:\n[c000000004a2f950] [c000000004a2f9a0] 0xc000000004a2f9a0 (unreliable)\n[c000000004a2f980] [000d34c100000000] 0xd34c100000000\n[c000000004a2f9a0] [c00000000206ba98] pud_advanced_tests+0x118/0x334\n[c000000004a2fa40] [c00000000206db34] debug_vm_pgtable+0xcbc/0x1c48\n[c000000004a2fc10] [c00000000000fd28] do_one_initcall+0x60/0x388\n\nAlso\n\n kernel BUG at arch/powerpc/mm/book3s64/pgtable.c:202!\n ....\n\n NIP [c000000000096510] pudp_huge_get_and_clear_full+0x98/0x174\n LR [c00000000206bb34] pud_advanced_tests+0x1b4/0x334\n Call Trace:\n [c000000004a2f950] [000d34c100000000] 0xd34c100000000 (unreliable)\n [c000000004a2f9a0] [c00000000206bb34] pud_advanced_tests+0x1b4/0x334\n [c000000004a2fa40] [c00000000206db34] debug_vm_pgtable+0xcbc/0x1c48\n [c000000004a2fc10] [c00000000000fd28] do_one_initcall+0x60/0x388"}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: mm/debug_vm_pgtable: corrige BUG_ON con la prueba avanzada de pud. Las arquitecturas como powerpc agregan comprobaciones de depuraci\u00f3n para garantizar que solo encontremos entradas devmap PUD pte. Estas comprobaciones de depuraci\u00f3n s\u00f3lo se realizan con CONFIG_DEBUG_VM. Este parche marca los ptes utilizados para las entradas de pte devmap de prueba avanzada de PUD para que no realicemos comprobaciones de depuraci\u00f3n en arquitectura como ppc64 como se muestra a continuaci\u00f3n. ADVERTENCIA: CPU: 2 PID: 1 en arch/powerpc/mm/book3s64/radix_pgtable.c:1382 radix__pud_hugepage_update+0x38/0x138 .... NIP [c0000000000a7004] radix__pud_hugepage_update+0x38/0x138 LR [c0000000000a7 7a8] radix__pudp_huge_get_and_clear+0x28/0x60 Llamada Trace: [C00000000004A2F950] [C000000004A2F9A0] 0xC00000000004A2F9A0 (poco confiable) [C00000000004A2F980] [000D34C10000000000] 0XD34C100000000 [C0000004A2F9A0] 118/0x334 [C000000004A2FA40] [C000000002206DB34] DEBUG_VM_PGTABLE+0XCBC/0X1C48 [C000000004A2FC10] [C00000000000FD28] Do_Onitcall+0x60 /0x388 \u00a1Tambi\u00e9n ERROR del kernel en arch/powerpc/mm/book3s64/pgtable.c:202! .... NIP [c000000000096510] pudp_huge_get_and_clear_full+0x98/0x174 LR [c00000000206bb34] pud_advanced_tests+0x1b4/0x334 Seguimiento de llamadas: [c000000004a2f950] 000] 0xd34c100000000 (no confiable) [c000000004a2f9a0] [c00000000206bb34] pud_advanced_tests+0x1b4/0x334 [c000000004a2fa40] [ c00000000206db34] debug_vm_pgtable+0xcbc/0x1c48 [c000000004a2fc10] [c00000000000fd28] do_one_initcall+0x60/0x388"}], "lastModified": "2026-06-17T07:18:29.970", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "084897EF-9F0A-4459-ADD9-E47D969EF093", "versionEndExcluding": "6.6.21", "versionStartIncluding": "6.6"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C538467-EDA0-4A9A-82EB-2925DE9FF827", "versionEndExcluding": "6.7.9", "versionStartIncluding": "6.7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F02056A5-B362-4370-9FF8-6F0BD384D520"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62075ACE-B2A0-4B16-829D-B3DA5AE5CC41"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A780F817-2A77-4130-A9B7-5C25606314E3"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AEB9199B-AB8F-4877-8964-E2BA95B5F15C"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}