PT-2024-31333 · Linux · Linux Kernel
Kees Cook
·
Published
2024-08-09
·
Updated
2025-09-29
·
CVE-2024-44966
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The vulnerability is in the Linux kernel's loader for the FLAT binary format (binfmt_flat). A RISC-V specific variant of the format, selected by CONFIG_BINFMT_FLAT_NO_DATA_START_OFFSET, was introduced that does not reserve any space in front of the DATA segment for the array of shared library pointers. The code that initializes that array was not disabled, however, so the loader still writes the table entry immediately below the start of DATA, corrupting sizeof(long) bytes before the DATA segment, which is generally the end of the TEXT segment. The fix introduces MAX_SHARED_LIBS_UPDATE, whose value depends on CONFIG_BINFMT_FLAT_NO_DATA_START_OFFSET, and uses it to guard the initialization of the shared library pointer region, so the region is written only when space has actually been reserved for it.
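The following is an added, user-space model of the fault described above; it is not the kernel's binfmt_flat code. It lays out a TEXT segment, an optional one-word shared library table and a DATA segment in a single word array, then performs the loader step that fills the table backwards from the start of DATA. The segment sizes, marker values and all function names (flat_layout, flat_write_lib_table, flat_simulate) are assumptions made for the model; MAX_SHARED_LIBS is 1 as in the kernel, and the `fixed` flag stands in for counting with MAX_SHARED_LIBS_UPDATE instead of MAX_SHARED_LIBS.

```c
#include <stdio.h>
#include <string.h>

/*
 * Constructed model (not kernel code): TEXT, then the words reserved for the
 * shared-library pointer table (MAX_SHARED_LIBS, or 0 when the RISC-V
 * no-data-start-offset variant is used), then DATA. The loader fills the
 * table by walking backwards from the first word of DATA. If no words were
 * reserved but MAX_SHARED_LIBS entries are still written, the write lands on
 * the last sizeof(long) bytes of TEXT.
 */

#define MAX_SHARED_LIBS   1             /* kernel constant: one entry, the exec itself */
#define TEXT_WORDS        8             /* assumed: 8-word TEXT segment */
#define DATA_WORDS        8             /* assumed: 8-word DATA segment */
#define TEXT_MARKER       0xAAAAAAAAUL  /* recognisable fill so clobbering is visible */
#define DATA_MARKER       0xDDDDDDDDUL
#define TABLE_ENTRY       0x7ff00000UL  /* stands in for the pointer the loader stores */

struct flat_image {
    unsigned long mem[TEXT_WORDS + MAX_SHARED_LIBS + DATA_WORDS];
    size_t table_words;   /* words actually reserved between TEXT and DATA */
    size_t data_start;    /* word index where DATA begins */
};

/* Lay out the image. no_data_start_offset models CONFIG_BINFMT_FLAT_NO_DATA_START_OFFSET=y. */
void flat_layout(struct flat_image *img, int no_data_start_offset)
{
    size_t i;
    img->table_words = no_data_start_offset ? 0 : MAX_SHARED_LIBS;
    img->data_start  = TEXT_WORDS + img->table_words;
    for (i = 0; i < TEXT_WORDS; i++)
        img->mem[i] = TEXT_MARKER;
    for (i = 0; i < img->table_words; i++)
        img->mem[TEXT_WORDS + i] = 0;          /* reserved slot, zeroed */
    for (i = 0; i < DATA_WORDS; i++)
        img->mem[img->data_start + i] = DATA_MARKER;
}

/*
 * The loader step at issue: fill `entries` table slots backwards from the
 * start of DATA. Unfixed, `entries` is always MAX_SHARED_LIBS; fixed, it is
 * MAX_SHARED_LIBS_UPDATE, which is 0 when no space was reserved.
 */
void flat_write_lib_table(struct flat_image *img, size_t entries)
{
    unsigned long *p = &img->mem[img->data_start];
    size_t i;
    for (i = entries; i; i--)
        *--p = TABLE_ENTRY;
}

/* Number of TEXT words that no longer hold their marker, i.e. were corrupted. */
size_t flat_text_words_corrupted(const struct flat_image *img)
{
    size_t i, n = 0;
    for (i = 0; i < TEXT_WORDS; i++)
        if (img->mem[i] != TEXT_MARKER)
            n++;
    return n;
}

/* Run one scenario; returns corrupted TEXT words (0 means the write stayed in bounds). */
size_t flat_simulate(int no_data_start_offset, int fixed)
{
    struct flat_image img;
    size_t entries;
    flat_layout(&img, no_data_start_offset);
    /* fixed: MAX_SHARED_LIBS_UPDATE (== reserved words); unfixed: MAX_SHARED_LIBS */
    entries = fixed ? img.table_words : MAX_SHARED_LIBS;
    flat_write_lib_table(&img, entries);
    return flat_text_words_corrupted(&img);
}

int main(void)
{
    printf("offset reserved, unfixed : %zu TEXT word(s) corrupted\n", flat_simulate(0, 0));
    printf("no offset,       unfixed : %zu TEXT word(s) corrupted (%zu bytes)\n",
           flat_simulate(1, 0), flat_simulate(1, 0) * sizeof(unsigned long));
    printf("no offset,       fixed   : %zu TEXT word(s) corrupted\n", flat_simulate(1, 1));
    return 0;
}
```

Only the combination "no data-start offset, table still written" corrupts TEXT, and it corrupts exactly one word (sizeof(long) bytes) at the end of the segment; guarding the loop count on whether space was reserved removes the write entirely, which is what MAX_SHARED_LIBS_UPDATE does in the fix.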
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Buffer Overflow
Affected Products
Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Os
Ubuntu