PT-2024-31374 · Linux+7 · Linux Kernel+7

Daniel Hodges

·

Published

2024-08-12

·

Updated

2025-09-29

·

CVE-2024-45020

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to a kernel verifier crash in the stacksafe() function due to invalid memory access. This occurs when cur->allocated stack is less than old->allocated stack, causing an out-of-bound access. The crash was reported by Daniel Hodges while working with sched-ext. The vulnerable code is in the stacksafe() function, specifically in the condition if (exact != NOT EXACT && old->stack[spi].slot type[i % BPF REG SIZE] != cur->stack[spi].slot type[i % BPF REG SIZE]). To fix the issue, an i >= cur->allocated stack check should be added to prevent the out-of-bound access.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Out of bounds Read

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-787

Related Identifiers

ALSA-2024:11486
ALSA-2024_11486
ALSA-2025_16880
ALT-PU-2024-13260
ALT-PU-2024-13979
AZL-49221
BDU:2025-01785
CVE-2024-45020
INFSA-2024_11486
OESA-2024-2154
OPENSUSE-SU-2024_3551-1
OPENSUSE-SU-2024_3561-1
OPENSUSE-SU-2024_3564-1
OPENSUSE-SU-2024_3587-1
OPENSUSE-SU-2024_3592-1
RHSA-2024:11486
RHSA-2024_11486
SUSE-SU-2024:3551-1
SUSE-SU-2024:3553-1
SUSE-SU-2024:3561-1
SUSE-SU-2024:3564-1
SUSE-SU-2024:3569-1
SUSE-SU-2024:3587-1
SUSE-SU-2024:3592-1
SUSE-SU-2025:20073-1
SUSE-SU-2025:20077-1
USN-7154-1
USN-7154-2
USN-7155-1
USN-7156-1
USN-7196-1

Affected Products

Alt Linux
Almalinux
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu