Linux · Linux Kernel · CVE-2024-26712
Name of the Vulnerable Software and Affected Versions:
Linux kernel (affected versions not specified)
Description:
The issue is related to a buffer overflow in the kasan component of the Linux kernel. When `k_start` is not page aligned, the calculation of `va` results in an invalid address, leading to memory overwriting. This occurs because the memory address space from `va` to `block` is not allocated by `memblock_alloc` and will not be reserved by `memblock_reserve` later, allowing it to be used by other parts of the system. The vulnerability can cause memory overwriting, potentially leading to a denial of service.
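The arithmetic behind this description, as an added user-space C model that is not kernel code and not part of the original advisory. It assumes the mapping loop starts at `k_start` rounded down to a page boundary and computes `va = block + k_cur - k_start`; the names `k_cur` and `k_end`, the 4096-byte page size, the `BLOCK` address and the round-down variant shown for contrast are assumptions not stated on this page.

```c
/* User-space model of the address arithmetic; it does not touch kernel memory. */
#include <stdio.h>

#define PAGE_SIZE 4096UL                 /* assumed page size */
#define PAGE_MASK (~(PAGE_SIZE - 1))
#define BLOCK     0x100000UL             /* constructed stand-in for the memblock_alloc() result */

/*
 * Walk the shadow range page by page and return how many bytes below
 * BLOCK end up backing the mapping. round_down_first selects the
 * assumed mitigation: align k_start before the allocation is sized.
 */
unsigned long bytes_below_block(unsigned long k_start, unsigned long k_end,
                                int round_down_first)
{
    unsigned long exposed = 0;

    if (round_down_first)
        k_start &= PAGE_MASK;

    /* The allocation covers [BLOCK, BLOCK + (k_end - k_start)). */
    for (unsigned long k_cur = k_start & PAGE_MASK; k_cur < k_end;
         k_cur += PAGE_SIZE) {
        unsigned long va = BLOCK + k_cur - k_start;   /* backing address */

        if (va < BLOCK) {                             /* memory never allocated */
            unsigned long gap = BLOCK - va;
            exposed += gap < PAGE_SIZE ? gap : PAGE_SIZE;
        }
    }
    return exposed;
}

int main(void)
{
    /* Constructed shadow range whose start is 0x800 past a page boundary. */
    printf("unaligned k_start:  %lu bytes outside the allocation\n",
           bytes_below_block(0x2800, 0x5000, 0));
    printf("rounded down first: %lu bytes outside the allocation\n",
           bytes_below_block(0x2800, 0x5000, 1));
    return 0;
}
```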
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.