PT-2024-32112 · Linux+1 · Linux Kernel+1

Greg Ungerer · Published 2024-08-25 · Updated 2025-09-29 · CVE-2024-46684

CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions up to 6.10.7

Description

The issue is in the create_elf_fdpic_tables() function, which does not correctly account for the space for the AUX vector when an architecture has ELF_HWCAP2 defined. This results in a kernel BUG. The problem is fixed by adding one to the number of AUXV entries (nitems) when ELF_HWCAP2 is defined. An attacker could potentially gain elevated permissions.

Recommendations

Upgrade to a version later than 6.10.7 to resolve the issue. As a temporary workaround, consider restricting access to the binfmt_elf_fdpic module to minimize the risk of exploitation.

Related Identifiers

ALSA-2025_16880
ALT-PU-2024-13260
BDU:2025-03757
CVE-2024-46684

Affected Products

Alt Linux
Linux Kernel