Description

In the Linux kernel, the following vulnerability has been resolved: fs/proc/task_mmu: fix loss of young/dirty bits during pagemap scan make_uffd_wp_pte() was previously doing: pte = ptep_get(ptep); ptep_modify_prot_start(ptep); pte = pte_mkuffd_wp(pte); ptep_modify_prot_commit(ptep, pte); But if another thread accessed or dirtied the pte between the first 2 calls, this could lead to loss of that information. Since ptep_modify_prot_start() gets and clears atomically, the following is the correct pattern and prevents any possible race. Any access after the first call would see an invalid pte and cause a fault: pte = ptep_modify_prot_start(ptep); pte = pte_mkuffd_wp(pte); ptep_modify_prot_commit(ptep, pte);

INFO

Published Date :

2024-05-30T15:35:42.119Z

Last Modified :

2025-05-04T09:12:32.403Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-36943 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-36943.

URL Resource
https://git.kernel.org/stable/c/74b3d66f91d9f539f99faad74d796fa9a389a015 cve-icon cve-icon
https://git.kernel.org/stable/c/c70dce4982ce1718bf978a35f8e26160b82081f4 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024053038-CVE-2024-36943-de68@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-36943 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-36943 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact