PT-2024-9232 · Linux+6 · Linux Kernel+6
Published: 2024-05-21 · Updated: 2025-09-29
CVE-2024-39488
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions:
Linux kernel versions prior to 6.9.1
Description:
The vulnerability is in the arm64 asm-bug component of the Linux kernel. When CONFIG_DEBUG_BUGVERBOSE=n, the kernel fails to add the necessary padding bytes to bug table entries. As a result, the last entry in a bug table may be ignored, potentially leading to an unexpected panic. The arm64 ABI requires that struct fields of up to 8 bytes are naturally aligned, with padding added within a struct such that structs are suitably aligned within arrays. The vulnerability can be demonstrated with a module that triggers a kernel panic when loaded.
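The size arithmetic behind the ignored last entry, as an added user-space model (not kernel code and not part of the original advisory). It assumes the two-field entry layout used with relative pointers when CONFIG_DEBUG_BUGVERBOSE=n and an entry count derived by dividing the section size by sizeof; the names bug_entry_model, section_size and counted_entries are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* Model of a bug table entry without the verbose file/line fields.
 * Field names mirror the kernel's struct bug_entry; the struct itself is
 * an illustrative assumption. */
struct bug_entry_model {
    signed int     bug_addr_disp; /* 4 bytes */
    unsigned short flags;         /* 2 bytes, followed by 2 bytes of ABI tail padding */
};

#define RAW_ENTRY_BYTES 6u /* data actually emitted per entry: 4 + 2 */
#define ENTRY_ALIGN     4u /* each entry starts on a 4-byte boundary */

static size_t align_up(size_t off)
{
    return (off + ENTRY_ALIGN - 1) & ~(size_t)(ENTRY_ALIGN - 1);
}

/* Bytes in a table section holding n entries. Every entry is aligned at its
 * start; pad_tail selects whether padding is also emitted after each entry
 * (fixed behaviour) or omitted (the behaviour described above). */
size_t section_size(size_t n, int pad_tail)
{
    size_t off = 0;
    for (size_t i = 0; i < n; i++) {
        off = align_up(off) + RAW_ENTRY_BYTES;
        if (pad_tail)
            off = align_up(off);
    }
    return off;
}

/* Consumer side: entry count obtained by integer division, which silently
 * drops a trailing entry that is shorter than sizeof(struct). */
size_t counted_entries(size_t section_bytes)
{
    return section_bytes / sizeof(struct bug_entry_model);
}

int main(void)
{
    for (size_t n = 1; n <= 3; n++)
        printf("n=%zu  unpadded: %2zu bytes -> %zu entries   padded: %2zu bytes -> %zu entries\n",
               n, section_size(n, 0), counted_entries(section_size(n, 0)),
               section_size(n, 1), counted_entries(section_size(n, 1)));
    return 0;
}
```

A table with a single unpadded entry counts as empty, which matches the case of a module whose only bug table entry is never found.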
Recommendations:
To resolve the issue, update the Linux kernel to version 6.9.1 or later. If updating is not possible, consider disabling the vulnerable module or restricting its use to minimize the risk of exploitation. As a temporary workaround, avoid using the buginit function in the affected module until a patch is available.
Affected Products
Astra Linux
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu