Description

In the Linux kernel, the following vulnerability has been resolved: kprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address Read from an unsafe address with copy_from_kernel_nofault() in arch_adjust_kprobe_addr() because this function is used before checking the address is in text or not. Syzcaller bot found a bug and reported the case if user specifies inaccessible data area, arch_adjust_kprobe_addr() will cause a kernel panic. [ mingo: Clarified the comment. ]

INFO

Published Date :

2024-05-01T05:18:13.192Z

Last Modified :

2025-05-04T09:00:25.097Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-26946 vulnerability.

Vendors Products
Linux
  • Linux Kernel
Redhat
  • Enterprise Linux
  • Rhel Eus
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-26946.

URL Resource
https://git.kernel.org/stable/c/20fdb21eabaeb8f78f8f701f56d14ea0836ec861 cve-icon cve-icon
https://git.kernel.org/stable/c/4e51653d5d871f40f1bd5cf95cc7f2d8b33d063b cve-icon cve-icon
https://git.kernel.org/stable/c/6417684315087904fffe8966d27ca74398c57dd6 cve-icon cve-icon
https://git.kernel.org/stable/c/b69f577308f1070004cafac106dd1a44099e5483 cve-icon cve-icon
https://git.kernel.org/stable/c/f13edd1871d4fb4ab829aff629d47914e251bae3 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024050126-CVE-2024-26946-ad5d@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-26946 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-26946 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact