CVE-2024-44981

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.10.0

Description The issue is caused by the function shift and mask() using a signed immediate to construct the mask and being called with a shift of 31 (WORK OFFQ POOL SHIFT), resulting in a subtraction overflow error. This error is reported by UBSAN when booting in a virtual machine on Android. The error leads to a kernel panic with a fatal exception.

Recommendations To resolve the issue, update the Linux kernel to a version that includes the fix for the shift and mask() function, which uses an unsigned constant '1U' to generate the mask. At the moment, there is no information about a newer version that contains a fix for this vulnerability.