PT-2024-36935 · Linux+2 · Linux Kernel+2

Published

2024-12-02

Updated

2025-05-06

CVE-2024-56628

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74

Description A vulnerability in the Linux kernel has been resolved. The issue is related to the LoongArch system, where invalid huge pte entries should be marked as invalid pte table or have a single PAGE HUGE bit set, rather than a zero value. This affects the free pmd range() function, which may treat a single PAGE HUGE bit as a valid pte table and call free pte range() unnecessarily. The vulnerability was identified when running mm selftests with the command run vmtests.sh, resulting in a bad page state error.

Recommendations For Linux kernel versions prior to 6.6.74, update to version 6.6.74 or later to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-911

Related Identifiers

BDU:2025-04138

CVE-2024-56628

DLA-4076-1

MGASA-2025-0030

MGASA-2025-0032

OESA-2025-1286

OESA-2025-1450

Affected Products

Astra Linux

Linux Kernel

Red Os

PT-2024-36935 · Linux+2 · Linux Kernel+2

CVE-2024-56628

Weakness Enumeration

Related Identifiers

Affected Products

References · 264