PT-2024-29137 · Linux+5 · Linux Kernel+5

Nam Cao

Published

2024-05-15

Updated

2026-03-14

CVE-2024-40915

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.9.0

Description The issue is related to the kernel map pages() function, which is a debug function that clears the valid bit in page table entries for deallocated pages to detect illegal memory accesses to freed pages. This function uses set memory() to set or clear the valid bit, and set memory() acquires init mm's semaphore, which may sleep. However, kernel map pages() can be called in atomic context, making it illegal to sleep. An example warning is provided, showing a BUG message indicating a sleeping function called from an invalid context.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Locking

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-667CWE-1322

Related Identifiers

AZL-67449

BDU:2025-08059

CVE-2024-40915

DLA-4008-1

DSA-5731-1

OESA-2024-1941

OESA-2024-1942

OESA-2024-1943

USN-6999-1

USN-6999-2

USN-7004-1

USN-7005-1

USN-7005-2

USN-7008-1

USN-7029-1

USN-7100-1

USN-7100-2

USN-7123-1

USN-7144-1

USN-7194-1

Affected Products

Astra Linux

Debian

Linuxmint

Linux Kernel

Red Os

Ubuntu

PT-2024-29137 · Linux+5 · Linux Kernel+5

CVE-2024-40915

Weakness Enumeration

Related Identifiers

Affected Products

References · 733