CVE-2024-0841: Kernel: hugetlbfs: null pointer dereference in hugetlbfs_fill_super function
First published: Tue Jan 02 2024(Updated: )
A flaw in the Linux Kernel found. Null pointer dereference in hugetlbfs_fill_super function for hugetlbfs (HugeTLB pages). The issue presents when we attempt to update the pagesize value to an invalid size with the fsconfig syscall. This syscall will eventually call hugetlbfs_parse_param() where we will set the hstate value to null if the value passed is not a valid page size. If we then attempt to update the fs again with a fsconfig syscall, specifically with the FSCONFIG_CMD_CREATE option, we will then attempt to dereference that null pointer within hugetlbfs_fill_super() causing a panic.
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux kernel | >=5.1<5.4.271 | |
| Linux kernel | >=5.5<5.10.212 | |
| Linux kernel | >=5.11<5.15.151 | |
| Linux kernel | >=5.16<6.1.79 | |
| Linux kernel | >=6.2<6.6.18 | |
| Linux kernel | >=6.7<6.7.6 | |
| Red Hat Enterprise Linux | =8.0 | |
| Red Hat Enterprise Linux | =9.0 | |
| IBM Security Verify Governance - Identity Manager | <=ISVG 10.0.2 | |
| IBM Security Verify Governance, Identity Manager Software Stack | <=ISVG 10.0.2 | |
| IBM Security Verify Governance, Identity Manager Virtual Appliance | <=ISVG 10.0.2 | |
| IBM Security Verify Governance Identity Manager Container | <=ISVG 10.0.2 | |
| debian/linux | 5.10.223-1 5.10.234-1 6.1.129-1 6.1.128-1 6.12.21-1 6.12.22-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=2256490
- https://access.redhat.com/security/cve/CVE-2024-0841
- https://access.redhat.com/errata/RHSA-2024:2394
- https://access.redhat.com/errata/RHSA-2024:2950
- https://access.redhat.com/errata/RHSA-2024:3138
- https://launchpad.net/bugs/cve/CVE-2024-0841
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2260734
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2256490#c9
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=79d72c68c58784a3e1cd2378669d51bfd0cb7498
- https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0841
- https://nvd.nist.gov/vuln/detail/CVE-2024-0841
- https://security-tracker.debian.org/tracker/CVE-2024-0841
- https://ubuntu.com/security/CVE-2024-0841
- https://lore.kernel.org/all/20240130210418.3771-1-osalvador@suse.de/T/#u
- https://www.ibm.com/support/pages/node/7230443 (Advisory)
Frequently Asked Questions
What is the severity of CVE-2024-0841?
CVE-2024-0841 is classified as a low severity vulnerability due to its specific conditions for exploitation.
How do I fix CVE-2024-0841?
To resolve CVE-2024-0841, you should update your Linux Kernel to the recommended versions or later as specified in available patches.
Which versions of the Linux Kernel are affected by CVE-2024-0841?
CVE-2024-0841 affects Linux Kernel versions from 5.1 up to 6.7.6 across various distributions.
Can CVE-2024-0841 be exploited remotely?
CVE-2024-0841 does not allow for remote exploitation as it requires local access to the system.
What components are impacted by CVE-2024-0841?
CVE-2024-0841 impacts the hugetlbfs functionality within the Linux Kernel, specifically related to the fsconfig syscall.
- agent/title
- agent/type
- agent/first-publish-date
- agent/severity
- agent/weakness
- collector/epss-latest
- source/FIRST
- agent/epss
- agent/remedy
- collector/launchpad-cve
- source/Launchpad
- agent/author
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2024-0841
- collector/mitre-cve
- source/MITRE
- agent/trending
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-cve
- agent/last-modified-date
- agent/references
- agent/source
- collector/ibm-support
- source/IBM
- agent/softwarecombine
- agent/tags
- collector/usn-cve
- source/Ubuntu
- agent/description
- agent/event
- collector/security-tracker-debian
- source/Debian
- vendor/linux
- canonical/linux kernel
- version/linux kernel/5.1
- version/linux kernel/5.5
- version/linux kernel/5.11
- version/linux kernel/5.16
- version/linux kernel/6.2
- version/linux kernel/6.7
- vendor/redhat
- canonical/red hat enterprise linux
- version/red hat enterprise linux/8.0
- version/red hat enterprise linux/9.0
- vendor/ibm
- canonical/ibm security verify governance - identity manager
- version/ibm security verify governance - identity manager/isvg 10.0.2
- canonical/ibm security verify governance, identity manager software stack
- version/ibm security verify governance, identity manager software stack/isvg 10.0.2
- canonical/ibm security verify governance, identity manager virtual appliance
- version/ibm security verify governance, identity manager virtual appliance/isvg 10.0.2
- canonical/ibm security verify governance identity manager container
- version/ibm security verify governance identity manager container/isvg 10.0.2
- package-manager/debian