CVE-2024-26621
MediumIn the Linux kernel, the following vulnerability has been resolved: mm: huge_memory: don't force huge page alignment on 32 bit commit efa7df3e3bb5 ("mm: align larger anonymous mappings on THP boundaries") caused two issues [1] [2] reported on 32 bit system or compat userspace. It doesn't make too much sense to force huge page alignment on 32 bit system due to the constrained virtual address space. [1] https://lore.kernel.org/linux-mm/[email protected]/ [2] https://lore.kernel.org/linux-mm/CAJuCfpHXLdQy1a2B6xN2d7quTYwg2OoZseYPZTRpU0eHHKD-sQ@mail.gmail.com/
CVSS 3.1 score
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References
The following references provide additional information about CVE-2024-26621 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.
-
PatchKernel patch commithttps://git.kernel.org/stable/c/4ef9ad19e17676b9ef071309bc62020e2373705d
-
PatchKernel patch commithttps://git.kernel.org/stable/c/6ea9aa8d97e6563676094cb35755884173269555
-
PatchKernel patch commithttps://git.kernel.org/stable/c/7432376c913381c5f24d373a87ff629bbde94b47
Frequently asked questions
-
What is CVE-2024-26621?
CVE-2024-26621 is a Medium severity Linux kernel vulnerability with a CVSS score of 5.5 out of 10 . CVE-2024-26621 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
-
What is the CVSS score for CVE-2024-26621?
CVE-2024-26621 has a CVSS score of 5.5 out of 10, rated Medium severity (CVSS 3.1). The vector string is
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H. -
Is there a patch available for CVE-2024-26621?
No patch is currently available for CVE-2024-26621. Monitor the NIST NVD and your Linux distribution's security advisories for updates.
-
Is CVE-2024-26621 actively exploited?
No — CVE-2024-26621 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.