CVE-2024-26783

{"id": "CVE-2024-26783", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-04-04T09:15:08.077", "references": [{"url": "https://git.kernel.org/stable/c/2774f256e7c0219e2b0a0894af1c76bdabc4f974", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/bdd21eed8b72f9e28d6c279f6db258e090c79080", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/d6159bd4c00594249e305bfe02304c67c506264e", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/e5ec1c24e71dbf144677a975d6ba91043c2193db", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/2774f256e7c0219e2b0a0894af1c76bdabc4f974", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/bdd21eed8b72f9e28d6c279f6db258e090c79080", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/d6159bd4c00594249e305bfe02304c67c506264e", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index\n\nWith numa balancing on, when a numa system is running where a numa node\ndoesn't have its local memory so it has no managed zones, the following\noops has been observed. It's because wakeup_kswapd() is called with a\nwrong zone index, -1. Fixed it by checking the index before calling\nwakeup_kswapd().\n\n> BUG: unable to handle page fault for address: 00000000000033f3\n> #PF: supervisor read access in kernel mode\n> #PF: error_code(0x0000) - not-present page\n> PGD 0 P4D 0\n> Oops: 0000 [#1] PREEMPT SMP NOPTI\n> CPU: 2 PID: 895 Comm: masim Not tainted 6.6.0-dirty #255\n> Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n> rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n> RIP: 0010:wakeup_kswapd (./linux/mm/vmscan.c:7812)\n> Code: (omitted)\n> RSP: 0000:ffffc90004257d58 EFLAGS: 00010286\n> RAX: ffffffffffffffff RBX: ffff88883fff0480 RCX: 0000000000000003\n> RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88883fff0480\n> RBP: ffffffffffffffff R08: ff0003ffffffffff R09: ffffffffffffffff\n> R10: ffff888106c95540 R11: 0000000055555554 R12: 0000000000000003\n> R13: 0000000000000000 R14: 0000000000000000 R15: ffff88883fff0940\n> FS: 00007fc4b8124740(0000) GS:ffff888827c00000(0000) knlGS:0000000000000000\n> CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n> CR2: 00000000000033f3 CR3: 000000026cc08004 CR4: 0000000000770ee0\n> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n> DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n> PKRU: 55555554\n> Call Trace:\n> <TASK>\n> ? __die\n> ? page_fault_oops\n> ? __pte_offset_map_lock\n> ? exc_page_fault\n> ? asm_exc_page_fault\n> ? wakeup_kswapd\n> migrate_misplaced_page\n> __handle_mm_fault\n> handle_mm_fault\n> do_user_addr_fault\n> exc_page_fault\n> asm_exc_page_fault\n> RIP: 0033:0x55b897ba0808\n> Code: (omitted)\n> RSP: 002b:00007ffeefa821a0 EFLAGS: 00010287\n> RAX: 000055b89983acd0 RBX: 00007ffeefa823f8 RCX: 000055b89983acd0\n> RDX: 00007fc2f8122010 RSI: 0000000000020000 RDI: 000055b89983acd0\n> RBP: 00007ffeefa821a0 R08: 0000000000000037 R09: 0000000000000075\n> R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000\n> R13: 00007ffeefa82410 R14: 000055b897ba5dd8 R15: 00007fc4b8340000\n> </TASK>"}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: mm/vmscan: corrige un error al llamar a wakeup_kswapd() con un \u00edndice de zona incorrecto Con el equilibrio numa activado, cuando se ejecuta un SYSTEM numa donde un nodo numa no tiene su memoria local por lo que no tiene zonas administradas, se ha observado lo siguiente. Es porque se llama a wakeup_kswapd() con un \u00edndice de zona incorrecto, -1. Se solucion\u00f3 verificando el \u00edndice antes de llamar a wakeup_kswapd(). &gt; ERROR: no se puede manejar el error de p\u00e1gina para la direcci\u00f3n: 00000000000033f3 &gt; #PF: acceso de lectura del supervisor en modo kernel &gt; #PF: error_code(0x0000) - p\u00e1gina no presente &gt; PGD 0 P4D 0 &gt; Ups: 0000 [#1] SMP PREEMPT NOPTI &gt; CPU: 2 PID: 895 Comm: masim Not tainted 6.6.0-dirty #255 &gt; Nombre del hardware: PC est\u00e1ndar QEMU (i440FX + PIIX, 1996), BIOS &gt; rel-1.16.0-0-gd239552ce722-prebuilt.qemu .org 01/04/2014 &gt; RIP: 0010:wakeup_kswapd (./linux/mm/vmscan.c:7812) &gt; C\u00f3digo: (omitido) &gt; RSP: 0000:ffffc90004257d58 EFLAGS: 00010286 &gt; RAX: ffffffffffffffff RBX: ffff88883f ff0480RCX: 0000000000000003 &gt; RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88883fff0480 &gt; RBP: ffffffffffffffff R08: ff0003ffffffffff R09: ffffffffffffffff &gt; R10: ff ff888106c95540 R11: 0000000055555554 R12: 0000000000000003 &gt; R13: 0000000000000000 R14: 00000000000000000 R15: ffff88883fff0940 &gt; FS: 0000 7fc4b8124740(0000) GS: ffff888827c00000(0000) knlGS:0000000000000000 &gt; CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 &gt; CR2: 00000000000033f3 CR3: 000000026cc08004 CR4: 0000000000770ee0 &gt; DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 &gt; DR3: 00000000000000000 DR6: 00000000ffe0ff0 DR7: 000 0000000000400 &gt; PKRU: 55555554 &gt; Rastreo de llamadas: &gt; &gt; ? __morir &gt; ? page_fault_oops &gt; ? __pte_offset_map_lock &gt; ? exc_page_fault &gt; ? asm_exc_page_fault &gt; ? wakeup_kswapd &gt; migrar_misplaced_page &gt; __handle_mm_fault &gt; handle_mm_fault &gt; do_user_addr_fault &gt; exc_page_fault &gt; asm_exc_page_fault &gt; RIP: 0033:0x55b897ba0808 &gt; C\u00f3digo: (omitido) &gt; RSP: 002b:00007ffeefa821a0 EFLAGS: 00 010287 &gt; RAX: 000055b89983acd0 RBX: 00007ffeefa823f8 RCX: 000055b89983acd0 &gt; RDX: 00007fc2f8122010 RSI: 0000000000020000 RDI: 000055b89983acd0 &gt; RBP: 00007ffeefa821a0 R08: 0000000000000037 R09: 00000000000000075 &gt; R10: 0000000000000000 R11: 0 000000000000202 R12: 0000000000000000 &gt; R13: 00007ffeefa82410 R14: 000055b897ba5dd8 R15: 00007fc4b8340000 &gt; "}], "lastModified": "2025-05-22T13:15:53.253", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6D9B00F-1C32-42E5-A982-2FB0E9273753", "versionEndExcluding": "6.6.22", "versionStartIncluding": "5.18"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C538467-EDA0-4A9A-82EB-2925DE9FF827", "versionEndExcluding": "6.7.9", "versionStartIncluding": "6.7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F02056A5-B362-4370-9FF8-6F0BD384D520"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62075ACE-B2A0-4B16-829D-B3DA5AE5CC41"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A780F817-2A77-4130-A9B7-5C25606314E3"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AEB9199B-AB8F-4877-8964-E2BA95B5F15C"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}