目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

CVE-2024-26989— Linux kernel 安全漏洞

AI 预测 4.4 利用难度: 中等 EPSS 0.24% · P15

影响版本矩阵 12

厂商产品版本范围状态
LinuxLinuxa7d9f306ba7052056edf9ccae596aeb400226af8< 813f5213f2c612dc800054859aaa396ec8ad7069affected
a7d9f306ba7052056edf9ccae596aeb400226af8< f7e71a7cf399f53ff9fc314ca3836dc913b05bd6affected
a7d9f306ba7052056edf9ccae596aeb400226af8< 31f815cb436082e72d34ed2e8a182140a73ebdf4affected
a7d9f306ba7052056edf9ccae596aeb400226af8< 022b19ebc31cce369c407617041a3db810db23b3affected
a7d9f306ba7052056edf9ccae596aeb400226af8< 50449ca66cc5a8cbc64749cf4b9f3d3fc5f4b457affected
5.14affected
< 5.14unaffected
5.15.157≤ 5.15.*unaffected
… +4 条更多
获取后续新漏洞提醒登录后订阅

一、 漏洞 CVE-2024-26989 基础信息

漏洞信息

对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
arm64: hibernate: Fix level3 translation fault in swsusp_save()
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: arm64: hibernate: Fix level3 translation fault in swsusp_save() On arm64 machines, swsusp_save() faults if it attempts to access MEMBLOCK_NOMAP memory ranges. This can be reproduced in QEMU using UEFI when booting with rodata=off debug_pagealloc=off and CONFIG_KFENCE=n: Unable to handle kernel paging request at virtual address ffffff8000000000 Mem abort info: ESR = 0x0000000096000007 EC = 0x25: DABT (current EL), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x07: level 3 translation fault Data abort info: ISV = 0, ISS = 0x00000007, ISS2 = 0x00000000 CM = 0, WnR = 0, TnD = 0, TagAccess = 0 GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 swapper pgtable: 4k pages, 39-bit VAs, pgdp=00000000eeb0b000 [ffffff8000000000] pgd=180000217fff9803, p4d=180000217fff9803, pud=180000217fff9803, pmd=180000217fff8803, pte=0000000000000000 Internal error: Oops: 0000000096000007 [#1] SMP Internal error: Oops: 0000000096000007 [#1] SMP Modules linked in: xt_multiport ipt_REJECT nf_reject_ipv4 xt_conntrack nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 libcrc32c iptable_filter bpfilter rfkill at803x snd_hda_codec_hdmi snd_hda_intel snd_intel_dspcfg dwmac_generic stmmac_platform snd_hda_codec stmmac joydev pcs_xpcs snd_hda_core phylink ppdev lp parport ramoops reed_solomon ip_tables x_tables nls_iso8859_1 vfat multipath linear amdgpu amdxcp drm_exec gpu_sched drm_buddy hid_generic usbhid hid radeon video drm_suballoc_helper drm_ttm_helper ttm i2c_algo_bit drm_display_helper cec drm_kms_helper drm CPU: 0 PID: 3663 Comm: systemd-sleep Not tainted 6.6.2+ #76 Source Version: 4e22ed63a0a48e7a7cff9b98b7806d8d4add7dc0 Hardware name: Greatwall GW-XXXXXX-XXX/GW-XXXXXX-XXX, BIOS KunLun BIOS V4.0 01/19/2021 pstate: 600003c5 (nZCv DAIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : swsusp_save+0x280/0x538 lr : swsusp_save+0x280/0x538 sp : ffffffa034a3fa40 x29: ffffffa034a3fa40 x28: ffffff8000001000 x27: 0000000000000000 x26: ffffff8001400000 x25: ffffffc08113e248 x24: 0000000000000000 x23: 0000000000080000 x22: ffffffc08113e280 x21: 00000000000c69f2 x20: ffffff8000000000 x19: ffffffc081ae2500 x18: 0000000000000000 x17: 6666662074736420 x16: 3030303030303030 x15: 3038666666666666 x14: 0000000000000b69 x13: ffffff9f89088530 x12: 00000000ffffffea x11: 00000000ffff7fff x10: 00000000ffff7fff x9 : ffffffc08193f0d0 x8 : 00000000000bffe8 x7 : c0000000ffff7fff x6 : 0000000000000001 x5 : ffffffa0fff09dc8 x4 : 0000000000000000 x3 : 0000000000000027 x2 : 0000000000000000 x1 : 0000000000000000 x0 : 000000000000004e Call trace: swsusp_save+0x280/0x538 swsusp_arch_suspend+0x148/0x190 hibernation_snapshot+0x240/0x39c hibernate+0xc4/0x378 state_store+0xf0/0x10c kobj_attr_store+0x14/0x24 The reason is swsusp_save() -> copy_data_pages() -> page_is_saveable() -> kernel_page_present() assuming that a page is always present when can_set_direct_map() is false (all of rodata_full, debug_pagealloc_enabled() and arm64_kfence_can_set_direct_map() false), irrespective of the MEMBLOCK_NOMAP ranges. Such MEMBLOCK_NOMAP regions should not be saved during hibernation. This problem was introduced by changes to the pfn_valid() logic in commit a7d9f306ba70 ("arm64: drop pfn_valid_within() and simplify pfn_valid()"). Similar to other architectures, drop the !can_set_direct_map() check in kernel_page_present() so that page_is_savable() skips such pages. [catalin.marinas@arm.com: rework commit message]
来源: 美国国家漏洞数据库 NVD
CVSS Information
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Linux kernel 安全漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于swsusp_save函数中的 level3 转换错误。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD

受影响产品

厂商产品影响版本CPE订阅
LinuxLinux a7d9f306ba7052056edf9ccae596aeb400226af8 ~ 813f5213f2c612dc800054859aaa396ec8ad7069 -
LinuxLinux 5.14 -

二、漏洞 CVE-2024-26989 的公开POC

#POC 描述源链接神龙链接
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC

三、漏洞 CVE-2024-26989 的情报信息

登录查看更多情报信息。

CVE-2024-26989 邮件列表归档 (3)

CVE-2024-26989 其他参考 (4)

同批安全公告 · Linux · 2024-05-01 · 共 159 条

CVE-2024-27038Linux kernel 安全漏洞
CVE-2024-27029Linux kernel 安全漏洞
CVE-2024-27030Linux kernel 安全漏洞
CVE-2024-27031Linux kernel 安全漏洞
CVE-2024-27032Linux kernel 安全漏洞
CVE-2024-27033Linux kernel 安全漏洞
CVE-2024-27034Linux kernel 安全漏洞
CVE-2024-27035Linux kernel 安全漏洞
CVE-2024-27036Linux kernel 安全漏洞
CVE-2024-27037Linux kernel 安全漏洞
CVE-2024-27044Linux kernel 安全漏洞
CVE-2024-27048Linux kernel 安全漏洞
CVE-2024-27047Linux kernel 安全漏洞
CVE-2024-27046Linux kernel 安全漏洞
CVE-2024-27045Linux kernel 安全漏洞
CVE-2024-27041Linux kernel 安全漏洞
CVE-2024-27039Linux kernel 安全漏洞
CVE-2024-27040Linux kernel 安全漏洞
CVE-2024-27028Linux kernel 安全漏洞
CVE-2024-27043Linux kernel 安全漏洞

显示前 20 条,共 159 条。 查看全部 &rarr; →

IV. Related Vulnerabilities

V. Comments for CVE-2024-26989

暂无评论


发表评论