CVE-2024-56617

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://git.kernel.org/stable/c/23b5908b11b77ff8d7b8f7b8f11cbab2e1f4bfc2", "name": "https://git.kernel.org/stable/c/23b5908b11b77ff8d7b8f7b8f11cbab2e1f4bfc2", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/95e197354e0de07e9a20819bdae6562e4dda0f20", "name": "https://git.kernel.org/stable/c/95e197354e0de07e9a20819bdae6562e4dda0f20", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/b3fce429a1e030b50c1c91351d69b8667eef627b", "name": "https://git.kernel.org/stable/c/b3fce429a1e030b50c1c91351d69b8667eef627b", "tags": ["Patch"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU\n\nCommit\n\n 5944ce092b97 (\"arch_topology: Build cacheinfo from primary CPU\")\n\nadds functionality that architectures can use to optionally allocate and\nbuild cacheinfo early during boot. Commit\n\n 6539cffa9495 (\"cacheinfo: Add arch specific early level initializer\")\n\nlets secondary CPUs correct (and reallocate memory) cacheinfo data if\nneeded.\n\nIf the early build functionality is not used and cacheinfo does not need\ncorrection, memory for cacheinfo is never allocated. x86 does not use\nthe early build functionality. Consequently, during the cacheinfo CPU\nhotplug callback, last_level_cache_is_valid() attempts to dereference\na NULL pointer:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000100\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEPMT SMP NOPTI\n CPU: 0 PID 19 Comm: cpuhp/0 Not tainted 6.4.0-rc2 #1\n RIP: 0010: last_level_cache_is_valid+0x95/0xe0a\n\nAllocate memory for cacheinfo during the cacheinfo CPU hotplug callback\nif not done earlier.\n\nMoreover, before determining the validity of the last-level cache info,\nensure that it has been allocated. Simply checking for non-zero\ncache_leaves() is not sufficient, as some architectures (e.g., Intel\nprocessors) have non-zero cache_leaves() before allocation.\n\nDereferencing NULL cacheinfo can occur in update_per_cpu_data_slice_size().\nThis function iterates over all online CPUs. However, a CPU may have come\nonline recently, but its cacheinfo may not have been allocated yet.\n\nWhile here, remove an unnecessary indentation in allocate_cache_info().\n\n [ bp: Massage. ]"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-476"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-56617", "ASSIGNER": "cve@kernel.org"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}}, "publishedDate": "2024-12-27T15:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.12.5", "versionStartIncluding": "6.7"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.6.66", "versionStartIncluding": "6.4"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-01-16T16:13Z"}