CVE-2024-40915 (GCVE-0-2024-40915)
Vulnerability from cvelistv5
Published
2024-07-12 12:24
Modified
2025-11-03 21:57
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: riscv: rewrite __kernel_map_pages() to fix sleeping in invalid context __kernel_map_pages() is a debug function which clears the valid bit in page table entry for deallocated pages to detect illegal memory accesses to freed pages. This function set/clear the valid bit using __set_memory(). __set_memory() acquires init_mm's semaphore, and this operation may sleep. This is problematic, because __kernel_map_pages() can be called in atomic context, and thus is illegal to sleep. An example warning that this causes: BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1578 in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 2, name: kthreadd preempt_count: 2, expected: 0 CPU: 0 PID: 2 Comm: kthreadd Not tainted 6.9.0-g1d4c6d784ef6 #37 Hardware name: riscv-virtio,qemu (DT) Call Trace: [<ffffffff800060dc>] dump_backtrace+0x1c/0x24 [<ffffffff8091ef6e>] show_stack+0x2c/0x38 [<ffffffff8092baf8>] dump_stack_lvl+0x5a/0x72 [<ffffffff8092bb24>] dump_stack+0x14/0x1c [<ffffffff8003b7ac>] __might_resched+0x104/0x10e [<ffffffff8003b7f4>] __might_sleep+0x3e/0x62 [<ffffffff8093276a>] down_write+0x20/0x72 [<ffffffff8000cf00>] __set_memory+0x82/0x2fa [<ffffffff8000d324>] __kernel_map_pages+0x5a/0xd4 [<ffffffff80196cca>] __alloc_pages_bulk+0x3b2/0x43a [<ffffffff8018ee82>] __vmalloc_node_range+0x196/0x6ba [<ffffffff80011904>] copy_process+0x72c/0x17ec [<ffffffff80012ab4>] kernel_clone+0x60/0x2fe [<ffffffff80012f62>] kernel_thread+0x82/0xa0 [<ffffffff8003552c>] kthreadd+0x14a/0x1be [<ffffffff809357de>] ret_from_fork+0xe/0x1c Rewrite this function with apply_to_existing_page_range(). It is fine to not have any locking, because __kernel_map_pages() works with pages being allocated/deallocated and those pages are not changed by anyone else in the meantime.
References
Impacted products
Vendor Product Version
Linux Linux Version: 5fde3db5eb028b95aeefa1ab192d36800414e8b8
Version: 5fde3db5eb028b95aeefa1ab192d36800414e8b8
Version: 5fde3db5eb028b95aeefa1ab192d36800414e8b8
Version: 5fde3db5eb028b95aeefa1ab192d36800414e8b8
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T21:57:46.415Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/919f8626099d9909b9a9620b05e8c8ab06581876"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8661a7af04991201640863ad1a0983173f84b5eb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d5257ceb19d92069195254866421f425aea42915"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fb1cf0878328fe75d47f0aed0a65b30126fcefc4"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-40915",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T17:05:49.659920Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:34:39.270Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/riscv/mm/pageattr.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "919f8626099d9909b9a9620b05e8c8ab06581876",
              "status": "affected",
              "version": "5fde3db5eb028b95aeefa1ab192d36800414e8b8",
              "versionType": "git"
            },
            {
              "lessThan": "8661a7af04991201640863ad1a0983173f84b5eb",
              "status": "affected",
              "version": "5fde3db5eb028b95aeefa1ab192d36800414e8b8",
              "versionType": "git"
            },
            {
              "lessThan": "d5257ceb19d92069195254866421f425aea42915",
              "status": "affected",
              "version": "5fde3db5eb028b95aeefa1ab192d36800414e8b8",
              "versionType": "git"
            },
            {
              "lessThan": "fb1cf0878328fe75d47f0aed0a65b30126fcefc4",
              "status": "affected",
              "version": "5fde3db5eb028b95aeefa1ab192d36800414e8b8",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/riscv/mm/pageattr.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.7"
            },
            {
              "lessThan": "5.7",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.95",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.35",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.9.*",
              "status": "unaffected",
              "version": "6.9.6",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.10",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.95",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.35",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.9.6",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.10",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv: rewrite __kernel_map_pages() to fix sleeping in invalid context\n\n__kernel_map_pages() is a debug function which clears the valid bit in page\ntable entry for deallocated pages to detect illegal memory accesses to\nfreed pages.\n\nThis function set/clear the valid bit using __set_memory(). __set_memory()\nacquires init_mm\u0027s semaphore, and this operation may sleep. This is\nproblematic, because  __kernel_map_pages() can be called in atomic context,\nand thus is illegal to sleep. An example warning that this causes:\n\nBUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1578\nin_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 2, name: kthreadd\npreempt_count: 2, expected: 0\nCPU: 0 PID: 2 Comm: kthreadd Not tainted 6.9.0-g1d4c6d784ef6 #37\nHardware name: riscv-virtio,qemu (DT)\nCall Trace:\n[\u003cffffffff800060dc\u003e] dump_backtrace+0x1c/0x24\n[\u003cffffffff8091ef6e\u003e] show_stack+0x2c/0x38\n[\u003cffffffff8092baf8\u003e] dump_stack_lvl+0x5a/0x72\n[\u003cffffffff8092bb24\u003e] dump_stack+0x14/0x1c\n[\u003cffffffff8003b7ac\u003e] __might_resched+0x104/0x10e\n[\u003cffffffff8003b7f4\u003e] __might_sleep+0x3e/0x62\n[\u003cffffffff8093276a\u003e] down_write+0x20/0x72\n[\u003cffffffff8000cf00\u003e] __set_memory+0x82/0x2fa\n[\u003cffffffff8000d324\u003e] __kernel_map_pages+0x5a/0xd4\n[\u003cffffffff80196cca\u003e] __alloc_pages_bulk+0x3b2/0x43a\n[\u003cffffffff8018ee82\u003e] __vmalloc_node_range+0x196/0x6ba\n[\u003cffffffff80011904\u003e] copy_process+0x72c/0x17ec\n[\u003cffffffff80012ab4\u003e] kernel_clone+0x60/0x2fe\n[\u003cffffffff80012f62\u003e] kernel_thread+0x82/0xa0\n[\u003cffffffff8003552c\u003e] kthreadd+0x14a/0x1be\n[\u003cffffffff809357de\u003e] ret_from_fork+0xe/0x1c\n\nRewrite this function with apply_to_existing_page_range(). It is fine to\nnot have any locking, because __kernel_map_pages() works with pages being\nallocated/deallocated and those pages are not changed by anyone else in the\nmeantime."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T09:17:44.435Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/919f8626099d9909b9a9620b05e8c8ab06581876"
        },
        {
          "url": "https://git.kernel.org/stable/c/8661a7af04991201640863ad1a0983173f84b5eb"
        },
        {
          "url": "https://git.kernel.org/stable/c/d5257ceb19d92069195254866421f425aea42915"
        },
        {
          "url": "https://git.kernel.org/stable/c/fb1cf0878328fe75d47f0aed0a65b30126fcefc4"
        }
      ],
      "title": "riscv: rewrite __kernel_map_pages() to fix sleeping in invalid context",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-40915",
    "datePublished": "2024-07-12T12:24:58.770Z",
    "dateReserved": "2024-07-12T12:17:45.581Z",
    "dateUpdated": "2025-11-03T21:57:46.415Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-40915\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-07-12T13:15:14.660\",\"lastModified\":\"2025-11-03T22:17:13.800\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nriscv: rewrite __kernel_map_pages() to fix sleeping in invalid context\\n\\n__kernel_map_pages() is a debug function which clears the valid bit in page\\ntable entry for deallocated pages to detect illegal memory accesses to\\nfreed pages.\\n\\nThis function set/clear the valid bit using __set_memory(). __set_memory()\\nacquires init_mm\u0027s semaphore, and this operation may sleep. This is\\nproblematic, because  __kernel_map_pages() can be called in atomic context,\\nand thus is illegal to sleep. An example warning that this causes:\\n\\nBUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1578\\nin_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 2, name: kthreadd\\npreempt_count: 2, expected: 0\\nCPU: 0 PID: 2 Comm: kthreadd Not tainted 6.9.0-g1d4c6d784ef6 #37\\nHardware name: riscv-virtio,qemu (DT)\\nCall Trace:\\n[\u003cffffffff800060dc\u003e] dump_backtrace+0x1c/0x24\\n[\u003cffffffff8091ef6e\u003e] show_stack+0x2c/0x38\\n[\u003cffffffff8092baf8\u003e] dump_stack_lvl+0x5a/0x72\\n[\u003cffffffff8092bb24\u003e] dump_stack+0x14/0x1c\\n[\u003cffffffff8003b7ac\u003e] __might_resched+0x104/0x10e\\n[\u003cffffffff8003b7f4\u003e] __might_sleep+0x3e/0x62\\n[\u003cffffffff8093276a\u003e] down_write+0x20/0x72\\n[\u003cffffffff8000cf00\u003e] __set_memory+0x82/0x2fa\\n[\u003cffffffff8000d324\u003e] __kernel_map_pages+0x5a/0xd4\\n[\u003cffffffff80196cca\u003e] __alloc_pages_bulk+0x3b2/0x43a\\n[\u003cffffffff8018ee82\u003e] __vmalloc_node_range+0x196/0x6ba\\n[\u003cffffffff80011904\u003e] copy_process+0x72c/0x17ec\\n[\u003cffffffff80012ab4\u003e] kernel_clone+0x60/0x2fe\\n[\u003cffffffff80012f62\u003e] kernel_thread+0x82/0xa0\\n[\u003cffffffff8003552c\u003e] kthreadd+0x14a/0x1be\\n[\u003cffffffff809357de\u003e] ret_from_fork+0xe/0x1c\\n\\nRewrite this function with apply_to_existing_page_range(). It is fine to\\nnot have any locking, because __kernel_map_pages() works with pages being\\nallocated/deallocated and those pages are not changed by anyone else in the\\nmeantime.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: riscv: reescribe __kernel_map_pages() para arreglar el modo de dormir en un contexto no v\u00e1lido. __kernel_map_pages() es una funci\u00f3n de depuraci\u00f3n que borra el bit v\u00e1lido en la entrada de la tabla de p\u00e1ginas para p\u00e1ginas designadas para detectar accesos ilegales a la memoria de las p\u00e1ginas liberadas. Esta funci\u00f3n establece/borra el bit v\u00e1lido usando __set_memory(). __set_memory() adquiere el sem\u00e1foro de init_mm y esta operaci\u00f3n puede suspenderse. Esto es problem\u00e1tico, porque __kernel_map_pages() se puede llamar en un contexto at\u00f3mico y, por lo tanto, es ilegal dormir. Un ejemplo de advertencia de que esto causa: ERROR: funci\u00f3n inactiva llamada desde un contexto no v\u00e1lido en kernel/locking/rwsem.c:1578 in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 2, nombre: kthreadd preempt_count: 2, esperado: 0 CPU: 0 PID: 2 Comm: kthreadd No contaminado 6.9.0-g1d4c6d784ef6 #37 Nombre de hardware: riscv-virtio,qemu (DT) Seguimiento de llamadas: [] dump_backtrace+0x1c/0x24 [] show_stack+0x2c/0x38 [] dump_stack_lvl+0x5a/0x72 [] dump_stack+0x14/0x1c [] __might_resched+0x104/0x10e [] __might_sleep+0x3e/0x62 [] down_write+0x20/0x72 [] __set_memory+0x82/0x2fa [] __kernel_map_pages+0x5a/0xd4 [] __alloc_pages_bulk+0x3b2/0x43a [] __vmalloc_node_range+0x196/0x6ba [] copy_process+0x72c/0x17ec [] kernel_clone+0x60/0x2fe [] kernel_thread+0x82/0xa0 [] kthreadd+0x14a/0x1be [] _from_fork+0xe/0x1c Reescribe esta funci\u00f3n con apply_to_existing_page_range(). Est\u00e1 bien no tener ning\u00fan bloqueo, porque __kernel_map_pages() funciona con p\u00e1ginas que se asignan/desasignan y, mientras tanto, nadie m\u00e1s cambia esas p\u00e1ginas.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-667\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.7\",\"versionEndExcluding\":\"6.1.95\",\"matchCriteriaId\":\"4623BA67-BE0D-4507-9EDC-D54AB0EB2B7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.35\",\"matchCriteriaId\":\"6F019D15-84C0-416B-8C57-7F51B68992F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.9.6\",\"matchCriteriaId\":\"0ABBBA1D-F79D-4BDB-AA41-D1EDCC4A6975\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/8661a7af04991201640863ad1a0983173f84b5eb\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/919f8626099d9909b9a9620b05e8c8ab06581876\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/d5257ceb19d92069195254866421f425aea42915\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/fb1cf0878328fe75d47f0aed0a65b30126fcefc4\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/8661a7af04991201640863ad1a0983173f84b5eb\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/919f8626099d9909b9a9620b05e8c8ab06581876\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/d5257ceb19d92069195254866421f425aea42915\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/fb1cf0878328fe75d47f0aed0a65b30126fcefc4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"cna\": {\"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2024-07-15T06:51:23.029Z\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nriscv: rewrite __kernel_map_pages() to fix sleeping in invalid context\\n\\n__kernel_map_pages() is a debug function which clears the valid bit in page\\ntable entry for deallocated pages to detect illegal memory accesses to\\nfreed pages.\\n\\nThis function set/clear the valid bit using __set_memory(). __set_memory()\\nacquires init_mm\u0027s semaphore, and this operation may sleep. This is\\nproblematic, because  __kernel_map_pages() can be called in atomic context,\\nand thus is illegal to sleep. An example warning that this causes:\\n\\nBUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1578\\nin_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 2, name: kthreadd\\npreempt_count: 2, expected: 0\\nCPU: 0 PID: 2 Comm: kthreadd Not tainted 6.9.0-g1d4c6d784ef6 #37\\nHardware name: riscv-virtio,qemu (DT)\\nCall Trace:\\n[\u003cffffffff800060dc\u003e] dump_backtrace+0x1c/0x24\\n[\u003cffffffff8091ef6e\u003e] show_stack+0x2c/0x38\\n[\u003cffffffff8092baf8\u003e] dump_stack_lvl+0x5a/0x72\\n[\u003cffffffff8092bb24\u003e] dump_stack+0x14/0x1c\\n[\u003cffffffff8003b7ac\u003e] __might_resched+0x104/0x10e\\n[\u003cffffffff8003b7f4\u003e] __might_sleep+0x3e/0x62\\n[\u003cffffffff8093276a\u003e] down_write+0x20/0x72\\n[\u003cffffffff8000cf00\u003e] __set_memory+0x82/0x2fa\\n[\u003cffffffff8000d324\u003e] __kernel_map_pages+0x5a/0xd4\\n[\u003cffffffff80196cca\u003e] __alloc_pages_bulk+0x3b2/0x43a\\n[\u003cffffffff8018ee82\u003e] __vmalloc_node_range+0x196/0x6ba\\n[\u003cffffffff80011904\u003e] copy_process+0x72c/0x17ec\\n[\u003cffffffff80012ab4\u003e] kernel_clone+0x60/0x2fe\\n[\u003cffffffff80012f62\u003e] kernel_thread+0x82/0xa0\\n[\u003cffffffff8003552c\u003e] kthreadd+0x14a/0x1be\\n[\u003cffffffff809357de\u003e] ret_from_fork+0xe/0x1c\\n\\nRewrite this function with apply_to_existing_page_range(). It is fine to\\nnot have any locking, because __kernel_map_pages() works with pages being\\nallocated/deallocated and those pages are not changed by anyone else in the\\nmeantime.\"}], \"affected\": [{\"product\": \"Linux\", \"vendor\": \"Linux\", \"defaultStatus\": \"unaffected\", \"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"programFiles\": [\"arch/riscv/mm/pageattr.c\"], \"versions\": [{\"version\": \"5fde3db5eb02\", \"lessThan\": \"919f8626099d\", \"status\": \"affected\", \"versionType\": \"git\"}, {\"version\": \"5fde3db5eb02\", \"lessThan\": \"8661a7af0499\", \"status\": \"affected\", \"versionType\": \"git\"}, {\"version\": \"5fde3db5eb02\", \"lessThan\": \"d5257ceb19d9\", \"status\": \"affected\", \"versionType\": \"git\"}, {\"version\": \"5fde3db5eb02\", \"lessThan\": \"fb1cf0878328\", \"status\": \"affected\", \"versionType\": \"git\"}]}, {\"product\": \"Linux\", \"vendor\": \"Linux\", \"defaultStatus\": \"affected\", \"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"programFiles\": [\"arch/riscv/mm/pageattr.c\"], \"versions\": [{\"version\": \"5.7\", \"status\": \"affected\"}, {\"version\": \"0\", \"lessThan\": \"5.7\", \"status\": \"unaffected\", \"versionType\": \"custom\"}, {\"version\": \"6.1.95\", \"lessThanOrEqual\": \"6.1.*\", \"status\": \"unaffected\", \"versionType\": \"custom\"}, {\"version\": \"6.6.35\", \"lessThanOrEqual\": \"6.6.*\", \"status\": \"unaffected\", \"versionType\": \"custom\"}, {\"version\": \"6.9.6\", \"lessThanOrEqual\": \"6.9.*\", \"status\": \"unaffected\", \"versionType\": \"custom\"}, {\"version\": \"6.10\", \"lessThanOrEqual\": \"*\", \"status\": \"unaffected\", \"versionType\": \"original_commit_for_fix\"}]}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/919f8626099d9909b9a9620b05e8c8ab06581876\"}, {\"url\": \"https://git.kernel.org/stable/c/8661a7af04991201640863ad1a0983173f84b5eb\"}, {\"url\": \"https://git.kernel.org/stable/c/d5257ceb19d92069195254866421f425aea42915\"}, {\"url\": \"https://git.kernel.org/stable/c/fb1cf0878328fe75d47f0aed0a65b30126fcefc4\"}], \"title\": \"riscv: rewrite __kernel_map_pages() to fix sleeping in invalid context\", \"x_generator\": {\"engine\": \"bippy-c9c4e1df01b2\"}}, \"adp\": [{\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-40915\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-10T17:05:49.659920Z\"}}}], \"providerMetadata\": {\"shortName\": \"CISA-ADP\", \"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"dateUpdated\": \"2024-09-11T12:42:25.005Z\"}, \"title\": \"CISA ADP Vulnrichment\"}]}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-40915\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"Linux\", \"dateReserved\": \"2024-07-12T12:17:45.581Z\", \"datePublished\": \"2024-07-12T12:24:58.770Z\", \"dateUpdated\": \"2024-08-02T04:39:55.508Z\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.