CVE-2024-0564

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 4.4.0-96.119 and later

Description: A flaw in the Linux kernel's memory deduplication mechanism, specifically in the Kernel Samepage Merging (KSM) component, can create a side channel. This allows an attacker to potentially leak a victim's page when they share the same host and the default KSM setting is "max page sharing=256". The attacker can time the unmap to merge with the victim's page, and the unmapping time depends on whether it merges with the victim's page and additional physical pages are created beyond the KSM's "max page share".

Recommendations: For Linux kernel versions 4.4.0-96.119 and later, consider disabling the Kernel Samepage Merging (KSM) feature as a temporary workaround to minimize the risk of exploitation. Restrict access to sensitive pages to prevent potential leaks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.