CVE-2024-26816
Vulnerability from cvelistv5
Published
2024-04-10 13:53
Modified
2024-11-05 09:16
Severity ?
EPSS score ?
Summary
x86, relocs: Ignore relocations in .notes section
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-26816", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-21T16:05:35.963352Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-21T16:05:55.498Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:14:13.600Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/13edb509abc91c72152a11baaf0e7c060a312e03" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/52018aa146e3cf76569a9b1e6e49a2b7c8d4a088" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a4e7ff1a74274e59a2de9bb57236542aa990d20a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c7cff9780297d55d97ad068b68b703cfe53ef9af" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/47635b112a64b7b208224962471e7e42f110e723" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/af2a9f98d884205145fd155304a6955822ccca1c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ae7079238f6faf1b94accfccf334e98b46a0c0aa" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5cb59db49c9c0fccfd33b2209af4f7ae3c6ddf40" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/aaa8736370db1a78f0e8434344a484f9fd20be3b" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "arch/x86/tools/relocs.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "13edb509abc9", "status": "affected", "version": "5ead97c84fa7", "versionType": "git" }, { "lessThan": "52018aa146e3", "status": "affected", "version": "5ead97c84fa7", "versionType": "git" }, { "lessThan": "a4e7ff1a7427", "status": "affected", "version": "5ead97c84fa7", "versionType": "git" }, { "lessThan": "c7cff9780297", "status": "affected", "version": "5ead97c84fa7", "versionType": "git" }, { "lessThan": "47635b112a64", "status": "affected", "version": "5ead97c84fa7", "versionType": "git" }, { "lessThan": "af2a9f98d884", "status": "affected", "version": "5ead97c84fa7", "versionType": "git" }, { "lessThan": "ae7079238f6f", "status": "affected", "version": "5ead97c84fa7", "versionType": "git" }, { "lessThan": "5cb59db49c9c", "status": "affected", "version": "5ead97c84fa7", "versionType": "git" }, { "lessThan": "aaa8736370db", "status": "affected", "version": "5ead97c84fa7", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "arch/x86/tools/relocs.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "2.6.23" }, { "lessThan": "2.6.23", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.311", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.273", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.214", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.153", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.83", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.23", "versionType": "semver" }, { "lessThanOrEqual": "6.7.*", "status": "unaffected", "version": "6.7.11", "versionType": "semver" }, { "lessThanOrEqual": "6.8.*", "status": "unaffected", "version": "6.8.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.9", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86, relocs: Ignore relocations in .notes section\n\nWhen building with CONFIG_XEN_PV=y, .text symbols are emitted into\nthe .notes section so that Xen can find the \"startup_xen\" entry point.\nThis information is used prior to booting the kernel, so relocations\nare not useful. In fact, performing relocations against the .notes\nsection means that the KASLR base is exposed since /sys/kernel/notes\nis world-readable.\n\nTo avoid leaking the KASLR base without breaking unprivileged tools that\nare expecting to read /sys/kernel/notes, skip performing relocations in\nthe .notes section. The values readable in .notes are then identical to\nthose found in System.map." } ], "providerMetadata": { "dateUpdated": "2024-11-05T09:16:21.503Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/13edb509abc91c72152a11baaf0e7c060a312e03" }, { "url": "https://git.kernel.org/stable/c/52018aa146e3cf76569a9b1e6e49a2b7c8d4a088" }, { "url": "https://git.kernel.org/stable/c/a4e7ff1a74274e59a2de9bb57236542aa990d20a" }, { "url": "https://git.kernel.org/stable/c/c7cff9780297d55d97ad068b68b703cfe53ef9af" }, { "url": "https://git.kernel.org/stable/c/47635b112a64b7b208224962471e7e42f110e723" }, { "url": "https://git.kernel.org/stable/c/af2a9f98d884205145fd155304a6955822ccca1c" }, { "url": "https://git.kernel.org/stable/c/ae7079238f6faf1b94accfccf334e98b46a0c0aa" }, { "url": "https://git.kernel.org/stable/c/5cb59db49c9c0fccfd33b2209af4f7ae3c6ddf40" }, { "url": "https://git.kernel.org/stable/c/aaa8736370db1a78f0e8434344a484f9fd20be3b" } ], "title": "x86, relocs: Ignore relocations in .notes section", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2024-26816", "datePublished": "2024-04-10T13:53:49.492Z", "dateReserved": "2024-02-19T14:20:24.180Z", "dateUpdated": "2024-11-05T09:16:21.503Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2024-26816\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-04-10T14:15:07.490\",\"lastModified\":\"2024-11-05T10:15:52.480\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nx86, relocs: Ignore relocations in .notes section\\n\\nWhen building with CONFIG_XEN_PV=y, .text symbols are emitted into\\nthe .notes section so that Xen can find the \\\"startup_xen\\\" entry point.\\nThis information is used prior to booting the kernel, so relocations\\nare not useful. In fact, performing relocations against the .notes\\nsection means that the KASLR base is exposed since /sys/kernel/notes\\nis world-readable.\\n\\nTo avoid leaking the KASLR base without breaking unprivileged tools that\\nare expecting to read /sys/kernel/notes, skip performing relocations in\\nthe .notes section. The values readable in .notes are then identical to\\nthose found in System.map.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: x86, relocs: ignorar reubicaciones en la secci\u00f3n .notes Al compilar con CONFIG_XEN_PV=y, los s\u00edmbolos .text se emiten en la secci\u00f3n .notes para que Xen pueda encontrar el punto de entrada \\\"startup_xen\\\" . Esta informaci\u00f3n se utiliza antes de iniciar el kernel, por lo que las reubicaciones no son \u00fatiles. De hecho, realizar reubicaciones en la secci\u00f3n .notes significa que la base KASLR est\u00e1 expuesta ya que /sys/kernel/notes es legible en todo el mundo. Para evitar filtrar la base de KASLR sin da\u00f1ar las herramientas sin privilegios que esperan leer /sys/kernel/notes, omita realizar reubicaciones en la secci\u00f3n .notes. Los valores legibles en .notes son id\u00e9nticos a los que se encuentran en System.map.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/13edb509abc91c72152a11baaf0e7c060a312e03\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/47635b112a64b7b208224962471e7e42f110e723\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/52018aa146e3cf76569a9b1e6e49a2b7c8d4a088\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/5cb59db49c9c0fccfd33b2209af4f7ae3c6ddf40\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/a4e7ff1a74274e59a2de9bb57236542aa990d20a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/aaa8736370db1a78f0e8434344a484f9fd20be3b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/ae7079238f6faf1b94accfccf334e98b46a0c0aa\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/af2a9f98d884205145fd155304a6955822ccca1c\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/c7cff9780297d55d97ad068b68b703cfe53ef9af\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}" } }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.