CVE-2024-26816 - Vulnerability Details

Vendors	Products
Debian	Debian Linux
Linux	Linux Kernel

Link	Providers
https://git.kernel.org/stable/c/13edb509abc91c72152a11baaf0e7c060a312e03
https://git.kernel.org/stable/c/47635b112a64b7b208224962471e7e42f110e723
https://git.kernel.org/stable/c/52018aa146e3cf76569a9b1e6e49a2b7c8d4a088
https://git.kernel.org/stable/c/5cb59db49c9c0fccfd33b2209af4f7ae3c6ddf40
https://git.kernel.org/stable/c/a4e7ff1a74274e59a2de9bb57236542aa990d20a
https://git.kernel.org/stable/c/aaa8736370db1a78f0e8434344a484f9fd20be3b
https://git.kernel.org/stable/c/ae7079238f6faf1b94accfccf334e98b46a0c0aa
https://git.kernel.org/stable/c/af2a9f98d884205145fd155304a6955822ccca1c
https://git.kernel.org/stable/c/c7cff9780297d55d97ad068b68b703cfe53ef9af
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
https://lore.kernel.org/linux-cve-announce/2024041039-CVE-2024-26816-5054@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-26816
https://www.cve.org/CVERecord?id=CVE-2024-26816

Type	Values Removed	Values Added
First Time appeared		Debian Debian debian Linux Linux Linux linux Kernel
Weaknesses		CWE-770
CPEs		cpe:2.3:o:debian:debian_linux:10.0:::::::* cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Debian Debian debian Linux Linux Linux linux Kernel
Metrics	cvssV3_1 `{'score': 6.0, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H'}`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}`

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Show plain JSON

{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-26816", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-19T14:20:24.180Z", "datePublished": "2024-04-10T13:53:49.492Z", "dateUpdated": "2024-12-19T08:48:02.350Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T08:48:02.350Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86, relocs: Ignore relocations in .notes section\n\nWhen building with CONFIG_XEN_PV=y, .text symbols are emitted into\nthe .notes section so that Xen can find the \"startup_xen\" entry point.\nThis information is used prior to booting the kernel, so relocations\nare not useful. In fact, performing relocations against the .notes\nsection means that the KASLR base is exposed since /sys/kernel/notes\nis world-readable.\n\nTo avoid leaking the KASLR base without breaking unprivileged tools that\nare expecting to read /sys/kernel/notes, skip performing relocations in\nthe .notes section. The values readable in .notes are then identical to\nthose found in System.map."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/x86/tools/relocs.c"], "versions": [{"version": "5ead97c84fa7d63a6a7a2f4e9f18f452bd109045", "lessThan": "13edb509abc91c72152a11baaf0e7c060a312e03", "status": "affected", "versionType": "git"}, {"version": "5ead97c84fa7d63a6a7a2f4e9f18f452bd109045", "lessThan": "52018aa146e3cf76569a9b1e6e49a2b7c8d4a088", "status": "affected", "versionType": "git"}, {"version": "5ead97c84fa7d63a6a7a2f4e9f18f452bd109045", "lessThan": "a4e7ff1a74274e59a2de9bb57236542aa990d20a", "status": "affected", "versionType": "git"}, {"version": "5ead97c84fa7d63a6a7a2f4e9f18f452bd109045", "lessThan": "c7cff9780297d55d97ad068b68b703cfe53ef9af", "status": "affected", "versionType": "git"}, {"version": "5ead97c84fa7d63a6a7a2f4e9f18f452bd109045", "lessThan": "47635b112a64b7b208224962471e7e42f110e723", "status": "affected", "versionType": "git"}, {"version": "5ead97c84fa7d63a6a7a2f4e9f18f452bd109045", "lessThan": "af2a9f98d884205145fd155304a6955822ccca1c", "status": "affected", "versionType": "git"}, {"version": "5ead97c84fa7d63a6a7a2f4e9f18f452bd109045", "lessThan": "ae7079238f6faf1b94accfccf334e98b46a0c0aa", "status": "affected", "versionType": "git"}, {"version": "5ead97c84fa7d63a6a7a2f4e9f18f452bd109045", "lessThan": "5cb59db49c9c0fccfd33b2209af4f7ae3c6ddf40", "status": "affected", "versionType": "git"}, {"version": "5ead97c84fa7d63a6a7a2f4e9f18f452bd109045", "lessThan": "aaa8736370db1a78f0e8434344a484f9fd20be3b", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/x86/tools/relocs.c"], "versions": [{"version": "2.6.23", "status": "affected"}, {"version": "0", "lessThan": "2.6.23", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.311", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.273", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.214", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.153", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.83", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.23", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7.11", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8.2", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/13edb509abc91c72152a11baaf0e7c060a312e03"}, {"url": "https://git.kernel.org/stable/c/52018aa146e3cf76569a9b1e6e49a2b7c8d4a088"}, {"url": "https://git.kernel.org/stable/c/a4e7ff1a74274e59a2de9bb57236542aa990d20a"}, {"url": "https://git.kernel.org/stable/c/c7cff9780297d55d97ad068b68b703cfe53ef9af"}, {"url": "https://git.kernel.org/stable/c/47635b112a64b7b208224962471e7e42f110e723"}, {"url": "https://git.kernel.org/stable/c/af2a9f98d884205145fd155304a6955822ccca1c"}, {"url": "https://git.kernel.org/stable/c/ae7079238f6faf1b94accfccf334e98b46a0c0aa"}, {"url": "https://git.kernel.org/stable/c/5cb59db49c9c0fccfd33b2209af4f7ae3c6ddf40"}, {"url": "https://git.kernel.org/stable/c/aaa8736370db1a78f0e8434344a484f9fd20be3b"}], "title": "x86, relocs: Ignore relocations in .notes section", "x_generator": {"engine": "bippy-5f407fcff5a0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-21T16:05:35.963352Z", "id": "CVE-2024-26816", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-21T16:05:55.498Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:14:13.600Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/13edb509abc91c72152a11baaf0e7c060a312e03", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/52018aa146e3cf76569a9b1e6e49a2b7c8d4a088", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a4e7ff1a74274e59a2de9bb57236542aa990d20a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c7cff9780297d55d97ad068b68b703cfe53ef9af", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/47635b112a64b7b208224962471e7e42f110e723", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/af2a9f98d884205145fd155304a6955822ccca1c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ae7079238f6faf1b94accfccf334e98b46a0c0aa", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5cb59db49c9c0fccfd33b2209af4f7ae3c6ddf40", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/aaa8736370db1a78f0e8434344a484f9fd20be3b", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

cveMetadata : { »

cveId : CVE-2024-26816 (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

state : PUBLISHED (string)

assignerShortName : Linux (string)

dateReserved : 2024-02-19T14:20:24.180Z (string)

datePublished : 2024-04-10T13:53:49.492Z (string)

dateUpdated : 2024-12-19T08:48:02.350Z (string)

}

containers : { »

cna : { »

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2024-12-19T08:48:02.350Z (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: x86, relocs: Ignore relocations in .notes section When building with CONFIG_XEN_PV=y, .text symbols are emitted into the .notes section so that Xen can find the "startup_xen" entry point. This information is used prior to booting the kernel, so relocations are not useful. In fact, performing relocations against the .notes section means that the KASLR base is exposed since /sys/kernel/notes is world-readable. To avoid leaking the KASLR base without breaking unprivileged tools that are expecting to read /sys/kernel/notes, skip performing relocations in the .notes section. The values readable in .notes are then identical to those found in System.map. (string)

}

]

affected : [ »

0 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : unaffected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : arch/x86/tools/relocs.c (string)

]

versions : [ »

0 : { »

version : 5ead97c84fa7d63a6a7a2f4e9f18f452bd109045 (string)

lessThan : 13edb509abc91c72152a11baaf0e7c060a312e03 (string)

status : affected (string)

versionType : git (string)

}

1 : { »

version : 5ead97c84fa7d63a6a7a2f4e9f18f452bd109045 (string)

lessThan : 52018aa146e3cf76569a9b1e6e49a2b7c8d4a088 (string)

status : affected (string)

versionType : git (string)

}

2 : { »

version : 5ead97c84fa7d63a6a7a2f4e9f18f452bd109045 (string)

lessThan : a4e7ff1a74274e59a2de9bb57236542aa990d20a (string)

status : affected (string)

versionType : git (string)

}

3 : { »

version : 5ead97c84fa7d63a6a7a2f4e9f18f452bd109045 (string)

lessThan : c7cff9780297d55d97ad068b68b703cfe53ef9af (string)

status : affected (string)

versionType : git (string)

}

4 : { »

version : 5ead97c84fa7d63a6a7a2f4e9f18f452bd109045 (string)

lessThan : 47635b112a64b7b208224962471e7e42f110e723 (string)

status : affected (string)

versionType : git (string)

}

5 : { »

version : 5ead97c84fa7d63a6a7a2f4e9f18f452bd109045 (string)

lessThan : af2a9f98d884205145fd155304a6955822ccca1c (string)

status : affected (string)

versionType : git (string)

}

6 : { »

version : 5ead97c84fa7d63a6a7a2f4e9f18f452bd109045 (string)

lessThan : ae7079238f6faf1b94accfccf334e98b46a0c0aa (string)

status : affected (string)

versionType : git (string)

}

7 : { »

version : 5ead97c84fa7d63a6a7a2f4e9f18f452bd109045 (string)

lessThan : 5cb59db49c9c0fccfd33b2209af4f7ae3c6ddf40 (string)

status : affected (string)

versionType : git (string)

}

8 : { »

version : 5ead97c84fa7d63a6a7a2f4e9f18f452bd109045 (string)

lessThan : aaa8736370db1a78f0e8434344a484f9fd20be3b (string)

status : affected (string)

versionType : git (string)

}

]

}

1 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : affected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : arch/x86/tools/relocs.c (string)

]

versions : [ »

0 : { »

version : 2.6.23 (string)

status : affected (string)

}

1 : { »

version : 0 (string)

lessThan : 2.6.23 (string)

status : unaffected (string)

versionType : semver (string)

}

2 : { »

version : 4.19.311 (string)

lessThanOrEqual : 4.19.* (string)

status : unaffected (string)

versionType : semver (string)

}

3 : { »

version : 5.4.273 (string)

lessThanOrEqual : 5.4.* (string)

status : unaffected (string)

versionType : semver (string)

}

4 : { »

version : 5.10.214 (string)

lessThanOrEqual : 5.10.* (string)

status : unaffected (string)

versionType : semver (string)

}

5 : { »

version : 5.15.153 (string)

lessThanOrEqual : 5.15.* (string)

status : unaffected (string)

versionType : semver (string)

}

6 : { »

version : 6.1.83 (string)

lessThanOrEqual : 6.1.* (string)

status : unaffected (string)

versionType : semver (string)

}

7 : { »

version : 6.6.23 (string)

lessThanOrEqual : 6.6.* (string)

status : unaffected (string)

versionType : semver (string)

}

8 : { »

version : 6.7.11 (string)

lessThanOrEqual : 6.7.* (string)

status : unaffected (string)

versionType : semver (string)

}

9 : { »

version : 6.8.2 (string)

lessThanOrEqual : 6.8.* (string)

status : unaffected (string)

versionType : semver (string)

}

10 : { »

version : 6.9 (string)

lessThanOrEqual : * (string)

status : unaffected (string)

versionType : original_commit_for_fix (string)

}

]

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/13edb509abc91c72152a11baaf0e7c060a312e03 (string)

}

1 : { »

url : https://git.kernel.org/stable/c/52018aa146e3cf76569a9b1e6e49a2b7c8d4a088 (string)

}

2 : { »

url : https://git.kernel.org/stable/c/a4e7ff1a74274e59a2de9bb57236542aa990d20a (string)

}

3 : { »

url : https://git.kernel.org/stable/c/c7cff9780297d55d97ad068b68b703cfe53ef9af (string)

}

4 : { »

url : https://git.kernel.org/stable/c/47635b112a64b7b208224962471e7e42f110e723 (string)

}

5 : { »

url : https://git.kernel.org/stable/c/af2a9f98d884205145fd155304a6955822ccca1c (string)

}

6 : { »

url : https://git.kernel.org/stable/c/ae7079238f6faf1b94accfccf334e98b46a0c0aa (string)

}

7 : { »

url : https://git.kernel.org/stable/c/5cb59db49c9c0fccfd33b2209af4f7ae3c6ddf40 (string)

}

8 : { »

url : https://git.kernel.org/stable/c/aaa8736370db1a78f0e8434344a484f9fd20be3b (string)

}

]

title : x86, relocs: Ignore relocations in .notes section (string)

x_generator : { »

engine : bippy-5f407fcff5a0 (string)

}

adp : [ »

0 : { »

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

timestamp : 2024-06-21T16:05:35.963352Z (string)

id : CVE-2024-26816 (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

role : CISA Coordinator (string)

version : 2.0.3 (string)

}

]

title : CISA ADP Vulnrichment (string)

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-06-21T16:05:55.498Z (string)

}

1 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T00:14:13.600Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/13edb509abc91c72152a11baaf0e7c060a312e03 (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/52018aa146e3cf76569a9b1e6e49a2b7c8d4a088 (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/a4e7ff1a74274e59a2de9bb57236542aa990d20a (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/c7cff9780297d55d97ad068b68b703cfe53ef9af (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/47635b112a64b7b208224962471e7e42f110e723 (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/af2a9f98d884205145fd155304a6955822ccca1c (string)

tags : [ »

0 : x_transferred (string)

]

}

6 : { »

url : https://git.kernel.org/stable/c/ae7079238f6faf1b94accfccf334e98b46a0c0aa (string)

tags : [ »

0 : x_transferred (string)

]

}

7 : { »

url : https://git.kernel.org/stable/c/5cb59db49c9c0fccfd33b2209af4f7ae3c6ddf40 (string)

tags : [ »

0 : x_transferred (string)

]

}

8 : { »

url : https://git.kernel.org/stable/c/aaa8736370db1a78f0e8434344a484f9fd20be3b (string)

tags : [ »

0 : x_transferred (string)

]

}

9 : { »

url : https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html (string)

tags : [ »

0 : x_transferred (string)

]

}

10 : { »

url : https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html (string)

tags : [ »

0 : x_transferred (string)

]

}

]

}

]

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/13edb509abc91c72152a11baaf0e7c060a312e03", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/52018aa146e3cf76569a9b1e6e49a2b7c8d4a088", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a4e7ff1a74274e59a2de9bb57236542aa990d20a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c7cff9780297d55d97ad068b68b703cfe53ef9af", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/47635b112a64b7b208224962471e7e42f110e723", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/af2a9f98d884205145fd155304a6955822ccca1c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ae7079238f6faf1b94accfccf334e98b46a0c0aa", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5cb59db49c9c0fccfd33b2209af4f7ae3c6ddf40", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/aaa8736370db1a78f0e8434344a484f9fd20be3b", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:14:13.600Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-26816", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-21T16:05:35.963352Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-21T16:05:52.537Z"}}], "cna": {"title": "x86, relocs: Ignore relocations in .notes section", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5ead97c84fa7d63a6a7a2f4e9f18f452bd109045", "lessThan": "13edb509abc91c72152a11baaf0e7c060a312e03", "versionType": "git"}, {"status": "affected", "version": "5ead97c84fa7d63a6a7a2f4e9f18f452bd109045", "lessThan": "52018aa146e3cf76569a9b1e6e49a2b7c8d4a088", "versionType": "git"}, {"status": "affected", "version": "5ead97c84fa7d63a6a7a2f4e9f18f452bd109045", "lessThan": "a4e7ff1a74274e59a2de9bb57236542aa990d20a", "versionType": "git"}, {"status": "affected", "version": "5ead97c84fa7d63a6a7a2f4e9f18f452bd109045", "lessThan": "c7cff9780297d55d97ad068b68b703cfe53ef9af", "versionType": "git"}, {"status": "affected", "version": "5ead97c84fa7d63a6a7a2f4e9f18f452bd109045", "lessThan": "47635b112a64b7b208224962471e7e42f110e723", "versionType": "git"}, {"status": "affected", "version": "5ead97c84fa7d63a6a7a2f4e9f18f452bd109045", "lessThan": "af2a9f98d884205145fd155304a6955822ccca1c", "versionType": "git"}, {"status": "affected", "version": "5ead97c84fa7d63a6a7a2f4e9f18f452bd109045", "lessThan": "ae7079238f6faf1b94accfccf334e98b46a0c0aa", "versionType": "git"}, {"status": "affected", "version": "5ead97c84fa7d63a6a7a2f4e9f18f452bd109045", "lessThan": "5cb59db49c9c0fccfd33b2209af4f7ae3c6ddf40", "versionType": "git"}, {"status": "affected", "version": "5ead97c84fa7d63a6a7a2f4e9f18f452bd109045", "lessThan": "aaa8736370db1a78f0e8434344a484f9fd20be3b", "versionType": "git"}], "programFiles": ["arch/x86/tools/relocs.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "2.6.23"}, {"status": "unaffected", "version": "0", "lessThan": "2.6.23", "versionType": "semver"}, {"status": "unaffected", "version": "4.19.311", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.273", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.214", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.153", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.83", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.23", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.11", "versionType": "semver", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8.2", "versionType": "semver", "lessThanOrEqual": "6.8.*"}, {"status": "unaffected", "version": "6.9", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["arch/x86/tools/relocs.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/13edb509abc91c72152a11baaf0e7c060a312e03"}, {"url": "https://git.kernel.org/stable/c/52018aa146e3cf76569a9b1e6e49a2b7c8d4a088"}, {"url": "https://git.kernel.org/stable/c/a4e7ff1a74274e59a2de9bb57236542aa990d20a"}, {"url": "https://git.kernel.org/stable/c/c7cff9780297d55d97ad068b68b703cfe53ef9af"}, {"url": "https://git.kernel.org/stable/c/47635b112a64b7b208224962471e7e42f110e723"}, {"url": "https://git.kernel.org/stable/c/af2a9f98d884205145fd155304a6955822ccca1c"}, {"url": "https://git.kernel.org/stable/c/ae7079238f6faf1b94accfccf334e98b46a0c0aa"}, {"url": "https://git.kernel.org/stable/c/5cb59db49c9c0fccfd33b2209af4f7ae3c6ddf40"}, {"url": "https://git.kernel.org/stable/c/aaa8736370db1a78f0e8434344a484f9fd20be3b"}], "x_generator": {"engine": "bippy-5f407fcff5a0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86, relocs: Ignore relocations in .notes section\n\nWhen building with CONFIG_XEN_PV=y, .text symbols are emitted into\nthe .notes section so that Xen can find the \"startup_xen\" entry point.\nThis information is used prior to booting the kernel, so relocations\nare not useful. In fact, performing relocations against the .notes\nsection means that the KASLR base is exposed since /sys/kernel/notes\nis world-readable.\n\nTo avoid leaking the KASLR base without breaking unprivileged tools that\nare expecting to read /sys/kernel/notes, skip performing relocations in\nthe .notes section. The values readable in .notes are then identical to\nthose found in System.map."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T08:48:02.350Z"}}}, "cveMetadata": {"cveId": "CVE-2024-26816", "state": "PUBLISHED", "dateUpdated": "2024-12-19T08:48:02.350Z", "dateReserved": "2024-02-19T14:20:24.180Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-04-10T13:53:49.492Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/13edb509abc91c72152a11baaf0e7c060a312e03 (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/52018aa146e3cf76569a9b1e6e49a2b7c8d4a088 (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/a4e7ff1a74274e59a2de9bb57236542aa990d20a (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/c7cff9780297d55d97ad068b68b703cfe53ef9af (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/47635b112a64b7b208224962471e7e42f110e723 (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/af2a9f98d884205145fd155304a6955822ccca1c (string)

tags : [ »

0 : x_transferred (string)

]

}

6 : { »

url : https://git.kernel.org/stable/c/ae7079238f6faf1b94accfccf334e98b46a0c0aa (string)

tags : [ »

0 : x_transferred (string)

]

}

7 : { »

url : https://git.kernel.org/stable/c/5cb59db49c9c0fccfd33b2209af4f7ae3c6ddf40 (string)

tags : [ »

0 : x_transferred (string)

]

}

8 : { »

url : https://git.kernel.org/stable/c/aaa8736370db1a78f0e8434344a484f9fd20be3b (string)

tags : [ »

0 : x_transferred (string)

]

}

9 : { »

url : https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html (string)

tags : [ »

0 : x_transferred (string)

]

}

10 : { »

url : https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html (string)

tags : [ »

0 : x_transferred (string)

]

}

]

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T00:14:13.600Z (string)

}

1 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2024-26816 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-06-21T16:05:35.963352Z (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-06-21T16:05:52.537Z (string)

}

]

cna : { »

title : x86, relocs: Ignore relocations in .notes section (string)

affected : [ »

0 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 5ead97c84fa7d63a6a7a2f4e9f18f452bd109045 (string)

lessThan : 13edb509abc91c72152a11baaf0e7c060a312e03 (string)

versionType : git (string)

}

1 : { »

status : affected (string)

version : 5ead97c84fa7d63a6a7a2f4e9f18f452bd109045 (string)

lessThan : 52018aa146e3cf76569a9b1e6e49a2b7c8d4a088 (string)

versionType : git (string)

}

2 : { »

status : affected (string)

version : 5ead97c84fa7d63a6a7a2f4e9f18f452bd109045 (string)

lessThan : a4e7ff1a74274e59a2de9bb57236542aa990d20a (string)

versionType : git (string)

}

3 : { »

status : affected (string)

version : 5ead97c84fa7d63a6a7a2f4e9f18f452bd109045 (string)

lessThan : c7cff9780297d55d97ad068b68b703cfe53ef9af (string)

versionType : git (string)

}

4 : { »

status : affected (string)

version : 5ead97c84fa7d63a6a7a2f4e9f18f452bd109045 (string)

lessThan : 47635b112a64b7b208224962471e7e42f110e723 (string)

versionType : git (string)

}

5 : { »

status : affected (string)

version : 5ead97c84fa7d63a6a7a2f4e9f18f452bd109045 (string)

lessThan : af2a9f98d884205145fd155304a6955822ccca1c (string)

versionType : git (string)

}

6 : { »

status : affected (string)

version : 5ead97c84fa7d63a6a7a2f4e9f18f452bd109045 (string)

lessThan : ae7079238f6faf1b94accfccf334e98b46a0c0aa (string)

versionType : git (string)

}

7 : { »

status : affected (string)

version : 5ead97c84fa7d63a6a7a2f4e9f18f452bd109045 (string)

lessThan : 5cb59db49c9c0fccfd33b2209af4f7ae3c6ddf40 (string)

versionType : git (string)

}

8 : { »

status : affected (string)

version : 5ead97c84fa7d63a6a7a2f4e9f18f452bd109045 (string)

lessThan : aaa8736370db1a78f0e8434344a484f9fd20be3b (string)

versionType : git (string)

}

]

programFiles : [ »

0 : arch/x86/tools/relocs.c (string)

]

defaultStatus : unaffected (string)

}

1 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 2.6.23 (string)

}

1 : { »

status : unaffected (string)

version : 0 (string)

lessThan : 2.6.23 (string)

versionType : semver (string)

}

2 : { »

status : unaffected (string)

version : 4.19.311 (string)

versionType : semver (string)

lessThanOrEqual : 4.19.* (string)

}

3 : { »

status : unaffected (string)

version : 5.4.273 (string)

versionType : semver (string)

lessThanOrEqual : 5.4.* (string)

}

4 : { »

status : unaffected (string)

version : 5.10.214 (string)

versionType : semver (string)

lessThanOrEqual : 5.10.* (string)

}

5 : { »

status : unaffected (string)

version : 5.15.153 (string)

versionType : semver (string)

lessThanOrEqual : 5.15.* (string)

}

6 : { »

status : unaffected (string)

version : 6.1.83 (string)

versionType : semver (string)

lessThanOrEqual : 6.1.* (string)

}

7 : { »

status : unaffected (string)

version : 6.6.23 (string)

versionType : semver (string)

lessThanOrEqual : 6.6.* (string)

}

8 : { »

status : unaffected (string)

version : 6.7.11 (string)

versionType : semver (string)

lessThanOrEqual : 6.7.* (string)

}

9 : { »

status : unaffected (string)

version : 6.8.2 (string)

versionType : semver (string)

lessThanOrEqual : 6.8.* (string)

}

10 : { »

status : unaffected (string)

version : 6.9 (string)

versionType : original_commit_for_fix (string)

lessThanOrEqual : * (string)

}

]

programFiles : [ »

0 : arch/x86/tools/relocs.c (string)

]

defaultStatus : affected (string)

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/13edb509abc91c72152a11baaf0e7c060a312e03 (string)

}

1 : { »

url : https://git.kernel.org/stable/c/52018aa146e3cf76569a9b1e6e49a2b7c8d4a088 (string)

}

2 : { »

url : https://git.kernel.org/stable/c/a4e7ff1a74274e59a2de9bb57236542aa990d20a (string)

}

3 : { »

url : https://git.kernel.org/stable/c/c7cff9780297d55d97ad068b68b703cfe53ef9af (string)

}

4 : { »

url : https://git.kernel.org/stable/c/47635b112a64b7b208224962471e7e42f110e723 (string)

}

5 : { »

url : https://git.kernel.org/stable/c/af2a9f98d884205145fd155304a6955822ccca1c (string)

}

6 : { »

url : https://git.kernel.org/stable/c/ae7079238f6faf1b94accfccf334e98b46a0c0aa (string)

}

7 : { »

url : https://git.kernel.org/stable/c/5cb59db49c9c0fccfd33b2209af4f7ae3c6ddf40 (string)

}

8 : { »

url : https://git.kernel.org/stable/c/aaa8736370db1a78f0e8434344a484f9fd20be3b (string)

}

]

x_generator : { »

engine : bippy-5f407fcff5a0 (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: x86, relocs: Ignore relocations in .notes section When building with CONFIG_XEN_PV=y, .text symbols are emitted into the .notes section so that Xen can find the "startup_xen" entry point. This information is used prior to booting the kernel, so relocations are not useful. In fact, performing relocations against the .notes section means that the KASLR base is exposed since /sys/kernel/notes is world-readable. To avoid leaking the KASLR base without breaking unprivileged tools that are expecting to read /sys/kernel/notes, skip performing relocations in the .notes section. The values readable in .notes are then identical to those found in System.map. (string)

}

]

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2024-12-19T08:48:02.350Z (string)

}

cveMetadata : { »

cveId : CVE-2024-26816 (string)

state : PUBLISHED (string)

dateUpdated : 2024-12-19T08:48:02.350Z (string)

dateReserved : 2024-02-19T14:20:24.180Z (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

datePublished : 2024-04-10T13:53:49.492Z (string)

assignerShortName : Linux (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "686D6C3D-0C09-4C39-9651-BB0C3639BB0E", "versionEndExcluding": "4.19.311", "versionStartIncluding": "2.6.23", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "620FD8B7-BF03-43E0-951A-0A58461D4C55", "versionEndExcluding": "5.4.273", "versionStartIncluding": "4.20", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "65987874-467B-4D3B-91D6-68A129B34FB8", "versionEndExcluding": "5.10.214", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "ACB69438-845D-4E3C-B114-3140611F9C0B", "versionEndExcluding": "5.15.153", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "121A07F6-F505-4C47-86BF-9BB6CC7B6C19", "versionEndExcluding": "6.1.83", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E00814DC-0BA7-431A-9926-80FEB4A96C68", "versionEndExcluding": "6.6.23", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD", "versionEndExcluding": "6.7.11", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1", "versionEndExcluding": "6.8.2", "versionStartIncluding": "6.8", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B71866A7-EBBC-450A-A34B-D42B21232828", "versionEndIncluding": "6.8.12", "versionStartIncluding": "6.8.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86, relocs: Ignore relocations in .notes section\n\nWhen building with CONFIG_XEN_PV=y, .text symbols are emitted into\nthe .notes section so that Xen can find the \"startup_xen\" entry point.\nThis information is used prior to booting the kernel, so relocations\nare not useful. In fact, performing relocations against the .notes\nsection means that the KASLR base is exposed since /sys/kernel/notes\nis world-readable.\n\nTo avoid leaking the KASLR base without breaking unprivileged tools that\nare expecting to read /sys/kernel/notes, skip performing relocations in\nthe .notes section. The values readable in .notes are then identical to\nthose found in System.map."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: x86, relocs: ignorar reubicaciones en la secci\u00f3n .notes Al compilar con CONFIG_XEN_PV=y, los s\u00edmbolos .text se emiten en la secci\u00f3n .notes para que Xen pueda encontrar el punto de entrada \"startup_xen\" . Esta informaci\u00f3n se utiliza antes de iniciar el kernel, por lo que las reubicaciones no son \u00fatiles. De hecho, realizar reubicaciones en la secci\u00f3n .notes significa que la base KASLR est\u00e1 expuesta ya que /sys/kernel/notes es legible en todo el mundo. Para evitar filtrar la base de KASLR sin da\u00f1ar las herramientas sin privilegios que esperan leer /sys/kernel/notes, omita realizar reubicaciones en la secci\u00f3n .notes. Los valores legibles en .notes son id\u00e9nticos a los que se encuentran en System.map."}], "id": "CVE-2024-26816", "lastModified": "2025-03-27T21:10:26.187", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-04-10T14:15:07.490", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/13edb509abc91c72152a11baaf0e7c060a312e03"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/47635b112a64b7b208224962471e7e42f110e723"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/52018aa146e3cf76569a9b1e6e49a2b7c8d4a088"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5cb59db49c9c0fccfd33b2209af4f7ae3c6ddf40"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a4e7ff1a74274e59a2de9bb57236542aa990d20a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/aaa8736370db1a78f0e8434344a484f9fd20be3b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ae7079238f6faf1b94accfccf334e98b46a0c0aa"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/af2a9f98d884205145fd155304a6955822ccca1c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c7cff9780297d55d97ad068b68b703cfe53ef9af"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/13edb509abc91c72152a11baaf0e7c060a312e03"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/47635b112a64b7b208224962471e7e42f110e723"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/52018aa146e3cf76569a9b1e6e49a2b7c8d4a088"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5cb59db49c9c0fccfd33b2209af4f7ae3c6ddf40"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a4e7ff1a74274e59a2de9bb57236542aa990d20a"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/aaa8736370db1a78f0e8434344a484f9fd20be3b"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ae7079238f6faf1b94accfccf334e98b46a0c0aa"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/af2a9f98d884205145fd155304a6955822ccca1c"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c7cff9780297d55d97ad068b68b703cfe53ef9af"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-770"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 686D6C3D-0C09-4C39-9651-BB0C3639BB0E (string)

versionEndExcluding : 4.19.311 (string)

versionStartIncluding : 2.6.23 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 620FD8B7-BF03-43E0-951A-0A58461D4C55 (string)

versionEndExcluding : 5.4.273 (string)

versionStartIncluding : 4.20 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 65987874-467B-4D3B-91D6-68A129B34FB8 (string)

versionEndExcluding : 5.10.214 (string)

versionStartIncluding : 5.5 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : ACB69438-845D-4E3C-B114-3140611F9C0B (string)

versionEndExcluding : 5.15.153 (string)

versionStartIncluding : 5.11 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 121A07F6-F505-4C47-86BF-9BB6CC7B6C19 (string)

versionEndExcluding : 6.1.83 (string)

versionStartIncluding : 5.16 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : E00814DC-0BA7-431A-9926-80FEB4A96C68 (string)

versionEndExcluding : 6.6.23 (string)

versionStartIncluding : 6.2 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD (string)

versionEndExcluding : 6.7.11 (string)

versionStartIncluding : 6.7 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 543A75FF-25B8-4046-A514-1EA8EDD87AB1 (string)

versionEndExcluding : 6.8.2 (string)

versionStartIncluding : 6.8 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : B71866A7-EBBC-450A-A34B-D42B21232828 (string)

versionEndIncluding : 6.8.12 (string)

versionStartIncluding : 6.8.3 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 07B237A9-69A3-4A9C-9DA0-4E06BD37AE73 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: x86, relocs: Ignore relocations in .notes section When building with CONFIG_XEN_PV=y, .text symbols are emitted into the .notes section so that Xen can find the "startup_xen" entry point. This information is used prior to booting the kernel, so relocations are not useful. In fact, performing relocations against the .notes section means that the KASLR base is exposed since /sys/kernel/notes is world-readable. To avoid leaking the KASLR base without breaking unprivileged tools that are expecting to read /sys/kernel/notes, skip performing relocations in the .notes section. The values readable in .notes are then identical to those found in System.map. (string)

}

1 : { »

lang : es (string)

value : En el kernel de Linux, se resolvió la siguiente vulnerabilidad: x86, relocs: ignorar reubicaciones en la sección .notes Al compilar con CONFIG_XEN_PV=y, los símbolos .text se emiten en la sección .notes para que Xen pueda encontrar el punto de entrada "startup_xen" . Esta información se utiliza antes de iniciar el kernel, por lo que las reubicaciones no son útiles. De hecho, realizar reubicaciones en la sección .notes significa que la base KASLR está expuesta ya que /sys/kernel/notes es legible en todo el mundo. Para evitar filtrar la base de KASLR sin dañar las herramientas sin privilegios que esperan leer /sys/kernel/notes, omita realizar reubicaciones en la sección .notes. Los valores legibles en .notes son idénticos a los que se encuentran en System.map. (string)

}

]

id : CVE-2024-26816 (string)

lastModified : 2025-03-27T21:10:26.187 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 5.5 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 1.8 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2024-04-10T14:15:07.490 (string)

references : [ »

0 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/13edb509abc91c72152a11baaf0e7c060a312e03 (string)

}

1 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/47635b112a64b7b208224962471e7e42f110e723 (string)

}

2 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/52018aa146e3cf76569a9b1e6e49a2b7c8d4a088 (string)

}

3 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/5cb59db49c9c0fccfd33b2209af4f7ae3c6ddf40 (string)

}

4 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/a4e7ff1a74274e59a2de9bb57236542aa990d20a (string)

}

5 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/aaa8736370db1a78f0e8434344a484f9fd20be3b (string)

}

6 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/ae7079238f6faf1b94accfccf334e98b46a0c0aa (string)

}

7 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/af2a9f98d884205145fd155304a6955822ccca1c (string)

}

8 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/c7cff9780297d55d97ad068b68b703cfe53ef9af (string)

}

9 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/13edb509abc91c72152a11baaf0e7c060a312e03 (string)

}

10 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/47635b112a64b7b208224962471e7e42f110e723 (string)

}

11 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/52018aa146e3cf76569a9b1e6e49a2b7c8d4a088 (string)

}

12 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/5cb59db49c9c0fccfd33b2209af4f7ae3c6ddf40 (string)

}

13 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/a4e7ff1a74274e59a2de9bb57236542aa990d20a (string)

}

14 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/aaa8736370db1a78f0e8434344a484f9fd20be3b (string)

}

15 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/ae7079238f6faf1b94accfccf334e98b46a0c0aa (string)

}

16 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/af2a9f98d884205145fd155304a6955822ccca1c (string)

}

17 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/c7cff9780297d55d97ad068b68b703cfe53ef9af (string)

}

18 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

]

url : https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html (string)

}

19 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

]

url : https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html (string)

}

]

sourceIdentifier : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

vulnStatus : Analyzed (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-770 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Show plain JSON

{"bugzilla": {"description": "kernel: x86, relocs: Ignore relocations in .notes section", "id": "2274474", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274474"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H", "status": "draft"}, "cwe": "CWE-212", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nx86, relocs: Ignore relocations in .notes section\nWhen building with CONFIG_XEN_PV=y, .text symbols are emitted into\nthe .notes section so that Xen can find the \"startup_xen\" entry point.\nThis information is used prior to booting the kernel, so relocations\nare not useful. In fact, performing relocations against the .notes\nsection means that the KASLR base is exposed since /sys/kernel/notes\nis world-readable.\nTo avoid leaking the KASLR base without breaking unprivileged tools that\nare expecting to read /sys/kernel/notes, skip performing relocations in\nthe .notes section. The values readable in .notes are then identical to\nthose found in System.map.", "A flaw was found in the Linux kernel due to improper handling of relocations in the `.notes` section of ELF files. This flaw allows an attacker to bypass security mechanisms or corrupt memory."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-26816", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-04-10T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-26816\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-26816\nhttps://lore.kernel.org/linux-cve-announce/2024041039-CVE-2024-26816-5054@gregkh/T"], "statement": "Red Hat Enterprise Linux is not vulnerable to this CVE, as it does not affect the versions or configurations of the Linux kernel used in its distributions.", "threat_severity": "Moderate"}

{

bugzilla : { »

description : kernel: x86, relocs: Ignore relocations in .notes section (string)

id : 2274474 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=2274474 (string)

}

csaw : false (boolean)

cvss3 : { »

cvss3_base_score : 6.0 (string)

cvss3_scoring_vector : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H (string)

status : draft (string)

}

cwe : CWE-212 (string)

details : [ »

0 : In the Linux kernel, the following vulnerability has been resolved: x86, relocs: Ignore relocations in .notes section When building with CONFIG_XEN_PV=y, .text symbols are emitted into the .notes section so that Xen can find the "startup_xen" entry point. This information is used prior to booting the kernel, so relocations are not useful. In fact, performing relocations against the .notes section means that the KASLR base is exposed since /sys/kernel/notes is world-readable. To avoid leaking the KASLR base without breaking unprivileged tools that are expecting to read /sys/kernel/notes, skip performing relocations in the .notes section. The values readable in .notes are then identical to those found in System.map. (string)

1 : A flaw was found in the Linux kernel due to improper handling of relocations in the `.notes` section of ELF files. This flaw allows an attacker to bypass security mechanisms or corrupt memory. (string)

]

mitigation : { »

lang : en:us (string)

value : Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability. (string)

}

name : CVE-2024-26816 (string)

package_state : [ »

0 : { »

cpe : cpe:/o:redhat:enterprise_linux:6 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 6 (string)

}

1 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

2 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Not affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

3 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

4 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Not affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

5 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

6 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Not affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

]

public_date : 2024-04-10T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2024-26816 https://nvd.nist.gov/vuln/detail/CVE-2024-26816 https://lore.kernel.org/linux-cve-announce/2024041039-CVE-2024-26816-5054@gregkh/T (string)

]

statement : Red Hat Enterprise Linux is not vulnerable to this CVE, as it does not affect the versions or configurations of the Linux kernel used in its distributions. (string)

threat_severity : Moderate (string)

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object