{ "containers": { "cna": { "providerMetadata": { "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038" }, "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86, relocs: Ignore relocations in .notes section\n\nWhen building with CONFIG_XEN_PV=y, .text symbols are emitted into\nthe .notes section so that Xen can find the \"startup_xen\" entry point.\nThis information is used prior to booting the kernel, so relocations\nare not useful. In fact, performing relocations against the .notes\nsection means that the KASLR base is exposed since /sys/kernel/notes\nis world-readable.\n\nTo avoid leaking the KASLR base without breaking unprivileged tools that\nare expecting to read /sys/kernel/notes, skip performing relocations in\nthe .notes section. The values readable in .notes are then identical to\nthose found in System.map." } ], "affected": [ { "product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "arch/x86/tools/relocs.c" ], "versions": [ { "version": "5ead97c84fa7", "lessThan": "13edb509abc9", "status": "affected", "versionType": "git" }, { "version": "5ead97c84fa7", "lessThan": "52018aa146e3", "status": "affected", "versionType": "git" }, { "version": "5ead97c84fa7", "lessThan": "a4e7ff1a7427", "status": "affected", "versionType": "git" }, { "version": "5ead97c84fa7", "lessThan": "c7cff9780297", "status": "affected", "versionType": "git" }, { "version": "5ead97c84fa7", "lessThan": "47635b112a64", "status": "affected", "versionType": "git" }, { "version": "5ead97c84fa7", "lessThan": "af2a9f98d884", "status": "affected", "versionType": "git" }, { "version": "5ead97c84fa7", "lessThan": "ae7079238f6f", "status": "affected", "versionType": "git" }, { "version": "5ead97c84fa7", "lessThan": "5cb59db49c9c", "status": "affected", "versionType": "git" }, { "version": "5ead97c84fa7", "lessThan": "aaa8736370db", "status": "affected", "versionType": "git" } ] }, { "product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "arch/x86/tools/relocs.c" ], "versions": [ { "version": "2.6.23", "status": "affected" }, { "version": "0", "lessThan": "2.6.23", "status": "unaffected", "versionType": "custom" }, { "version": "4.19.311", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "custom" }, { "version": "5.4.273", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "custom" }, { "version": "5.10.214", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom" }, { "version": "5.15.153", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom" }, { "version": "6.1.83", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "custom" }, { "version": "6.6.23", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "custom" }, { "version": "6.7.11", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "custom" }, { "version": "6.8.2", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "custom" }, { "version": "6.9", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix" } ] } ], "references": [ { "url": "https://git.kernel.org/stable/c/13edb509abc91c72152a11baaf0e7c060a312e03" }, { "url": "https://git.kernel.org/stable/c/52018aa146e3cf76569a9b1e6e49a2b7c8d4a088" }, { "url": "https://git.kernel.org/stable/c/a4e7ff1a74274e59a2de9bb57236542aa990d20a" }, { "url": "https://git.kernel.org/stable/c/c7cff9780297d55d97ad068b68b703cfe53ef9af" }, { "url": "https://git.kernel.org/stable/c/47635b112a64b7b208224962471e7e42f110e723" }, { "url": "https://git.kernel.org/stable/c/af2a9f98d884205145fd155304a6955822ccca1c" }, { "url": "https://git.kernel.org/stable/c/ae7079238f6faf1b94accfccf334e98b46a0c0aa" }, { "url": "https://git.kernel.org/stable/c/5cb59db49c9c0fccfd33b2209af4f7ae3c6ddf40" }, { "url": "https://git.kernel.org/stable/c/aaa8736370db1a78f0e8434344a484f9fd20be3b" } ], "title": "x86, relocs: Ignore relocations in .notes section", "x_generator": { "engine": "bippy-a5840b7849dd" } } }, "cveMetadata": { "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038", "cveID": "CVE-2024-26816", "requesterUserId": "gregkh@kernel.org", "serial": "1", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.0" }