PT-2024-31332 · Linux+7 · Linux Kernel+7
Guenter Roeck · Published 2024-08-01 · Updated 2025-09-29 · CVE-2024-44965
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.6.50
Description
The issue is in the pti_clone_pgtable() function, which made alignment assumptions about the start address, notably that it is PMD aligned. This assumption is true on x86_64 but not on i386, where it causes the loop's end condition to malfunction and results in a 'short' clone. The problem occurs when the user mapping has a short copy of the entry text. To resolve this, the correct increment form for addr should be used to avoid alignment assumptions.
Recommendations
Update to Linux kernel version 6.6.50 or later to resolve the issue. As a temporary workaround, consider restricting the use of the pti_clone_pgtable() function until a patch is available.
Exploit
Fix
Buffer Overflow
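A simplified userspace model of the loop behaviour given in the Description, added here as an illustration and not taken from the kernel source or from this advisory. The function names, the 2 MiB PMD_SIZE and the sample addresses are assumptions; rounding up to the next PMD boundary is used as one alignment-safe increment form.

```c
#include <stdio.h>

/* Constructed value: one PMD entry is assumed to cover 2 MiB. */
#define PMD_SIZE 0x200000UL
#define ROUND_UP(x, a) ((((x) + (a) - 1) / (a)) * (a))

/* Number of PMD-sized regions that [start, end) actually touches. */
unsigned long pmds_spanned(unsigned long start, unsigned long end)
{
    unsigned long first = start & ~(PMD_SIZE - 1);
    return (ROUND_UP(end, PMD_SIZE) - first) / PMD_SIZE;
}

/* Steps by a fixed PMD_SIZE: only correct when start is PMD aligned. */
unsigned long walk_assuming_aligned(unsigned long start, unsigned long end)
{
    unsigned long addr, visited = 0;
    for (addr = start; addr < end; addr += PMD_SIZE)
        visited++;              /* one region "cloned" per iteration */
    return visited;
}

/* Steps to the next PMD boundary: no assumption about start. */
unsigned long walk_alignment_safe(unsigned long start, unsigned long end)
{
    unsigned long addr, visited = 0;
    for (addr = start; addr < end; addr = ROUND_UP(addr + 1, PMD_SIZE))
        visited++;
    return visited;
}

int main(void)
{
    /* Constructed range: starts 1 MiB into a PMD, ends 1 MiB into another. */
    unsigned long start = 0x100000UL, end = 0x500000UL;

    printf("regions spanned:       %lu\n", pmds_spanned(start, end));
    printf("fixed-step walk:       %lu\n", walk_assuming_aligned(start, end));
    printf("alignment-safe walk:   %lu\n", walk_alignment_safe(start, end));
    return 0;
}
```

With the unaligned start, the fixed-step walk exits one region early, which is the 'short' clone; with a PMD-aligned start both walks agree.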
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu