{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-40917", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-07-12T12:17:45.581Z", "datePublished": "2024-07-12T12:25:00.175Z", "dateUpdated": "2024-11-05T09:33:06.447Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:33:06.447Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemblock: make memblock_set_node() also warn about use of MAX_NUMNODES\n\nOn an (old) x86 system with SRAT just covering space above 4Gb:\n\n ACPI: SRAT: Node 0 PXM 0 [mem 0x100000000-0xfffffffff] hotplug\n\nthe commit referenced below leads to this NUMA configuration no longer\nbeing refused by a CONFIG_NUMA=y kernel (previously\n\n NUMA: nodes only cover 6144MB of your 8185MB e820 RAM. Not used.\n No NUMA configuration found\n Faking a node at [mem 0x0000000000000000-0x000000027fffffff]\n\nwas seen in the log directly after the message quoted above), because of\nmemblock_validate_numa_coverage() checking for NUMA_NO_NODE (only). This\nin turn led to memblock_alloc_range_nid()'s warning about MAX_NUMNODES\ntriggering, followed by a NULL deref in memmap_init() when trying to\naccess node 64's (NODE_SHIFT=6) node data.\n\nTo compensate said change, make memblock_set_node() warn on and adjust\na passed in value of MAX_NUMNODES, just like various other functions\nalready do."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["mm/memblock.c"], "versions": [{"version": "ff6c3d81f2e8", "lessThan": "22f742b8f738", "status": "affected", "versionType": "git"}, {"version": "ff6c3d81f2e8", "lessThan": "e0eec24e2e19", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["mm/memblock.c"], "versions": [{"version": "6.8", "status": "affected"}, {"version": "0", "lessThan": "6.8", "status": "unaffected", "versionType": "semver"}, {"version": "6.9.6", "lessThanOrEqual": "6.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/22f742b8f738918f683198a18ec3c691acda14c4"}, {"url": "https://git.kernel.org/stable/c/e0eec24e2e199873f43df99ec39773ad3af2bff7"}], "title": "memblock: make memblock_set_node() also warn about use of MAX_NUMNODES", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:39:55.350Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/22f742b8f738918f683198a18ec3c691acda14c4", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e0eec24e2e199873f43df99ec39773ad3af2bff7", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-40917", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T17:05:43.202207Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:33:04.005Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/22f742b8f738918f683198a18ec3c691acda14c4", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e0eec24e2e199873f43df99ec39773ad3af2bff7", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:39:55.350Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-40917", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T17:05:43.202207Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:14.339Z"}}], "cna": {"title": "memblock: make memblock_set_node() also warn about use of MAX_NUMNODES", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "ff6c3d81f2e8", "lessThan": "22f742b8f738", "versionType": "git"}, {"status": "affected", "version": "ff6c3d81f2e8", "lessThan": "e0eec24e2e19", "versionType": "git"}], "programFiles": ["mm/memblock.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.8"}, {"status": "unaffected", "version": "0", "lessThan": "6.8", "versionType": "semver"}, {"status": "unaffected", "version": "6.9.6", "versionType": "semver", "lessThanOrEqual": "6.9.*"}, {"status": "unaffected", "version": "6.10", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["mm/memblock.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/22f742b8f738918f683198a18ec3c691acda14c4"}, {"url": "https://git.kernel.org/stable/c/e0eec24e2e199873f43df99ec39773ad3af2bff7"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemblock: make memblock_set_node() also warn about use of MAX_NUMNODES\n\nOn an (old) x86 system with SRAT just covering space above 4Gb:\n\n ACPI: SRAT: Node 0 PXM 0 [mem 0x100000000-0xfffffffff] hotplug\n\nthe commit referenced below leads to this NUMA configuration no longer\nbeing refused by a CONFIG_NUMA=y kernel (previously\n\n NUMA: nodes only cover 6144MB of your 8185MB e820 RAM. Not used.\n No NUMA configuration found\n Faking a node at [mem 0x0000000000000000-0x000000027fffffff]\n\nwas seen in the log directly after the message quoted above), because of\nmemblock_validate_numa_coverage() checking for NUMA_NO_NODE (only). This\nin turn led to memblock_alloc_range_nid()'s warning about MAX_NUMNODES\ntriggering, followed by a NULL deref in memmap_init() when trying to\naccess node 64's (NODE_SHIFT=6) node data.\n\nTo compensate said change, make memblock_set_node() warn on and adjust\na passed in value of MAX_NUMNODES, just like various other functions\nalready do."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:33:06.447Z"}}}, "cveMetadata": {"cveId": "CVE-2024-40917", "state": "PUBLISHED", "dateUpdated": "2024-11-05T09:33:06.447Z", "dateReserved": "2024-07-12T12:17:45.581Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-07-12T12:25:00.175Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemblock: make memblock_set_node() also warn about use of MAX_NUMNODES\n\nOn an (old) x86 system with SRAT just covering space above 4Gb:\n\n ACPI: SRAT: Node 0 PXM 0 [mem 0x100000000-0xfffffffff] hotplug\n\nthe commit referenced below leads to this NUMA configuration no longer\nbeing refused by a CONFIG_NUMA=y kernel (previously\n\n NUMA: nodes only cover 6144MB of your 8185MB e820 RAM. Not used.\n No NUMA configuration found\n Faking a node at [mem 0x0000000000000000-0x000000027fffffff]\n\nwas seen in the log directly after the message quoted above), because of\nmemblock_validate_numa_coverage() checking for NUMA_NO_NODE (only). This\nin turn led to memblock_alloc_range_nid()'s warning about MAX_NUMNODES\ntriggering, followed by a NULL deref in memmap_init() when trying to\naccess node 64's (NODE_SHIFT=6) node data.\n\nTo compensate said change, make memblock_set_node() warn on and adjust\na passed in value of MAX_NUMNODES, just like various other functions\nalready do."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: memblock: make memblock_set_node() tambi\u00e9n advierte sobre el uso de MAX_NUMNODES En un sistema x86 (antiguo) con SRAT que solo cubre espacio superior a 4 Gb: ACPI: SRAT: Nodo 0 PXM 0 [mem 0x100000000 -0xfffffffff] hotplug, El commit a la que se hace referencia a continuaci\u00f3n hace que esta configuraci\u00f3n NUMA ya no sea rechazada por un kernel CONFIG_NUMA=y (anteriormente NUMA: los nodos solo cubren 6144 MB de su RAM e820 de 8185 MB. No se usa. No se encontr\u00f3 ninguna configuraci\u00f3n NUMA Falsificar un nodo en [mem 0x0000000000000000-0x000000027fffffff] se vio en el registro directamente despu\u00e9s del mensaje citado anteriormente), debido a que memblock_validate_numa_coverage() verifica NUMA_NO_NODE (solamente). Esto a su vez llev\u00f3 a la advertencia de memblock_alloc_range_nid() sobre la activaci\u00f3n de MAX_NUMNODES, seguida de una deref NULL en memmap_init() al intentar acceder a los datos del nodo 64 (NODE_SHIFT=6). Para compensar dicho cambio, active memblock_set_node() y ajuste un valor pasado de MAX_NUMNODES, tal como lo hacen otras funciones."}], "id": "CVE-2024-40917", "lastModified": "2024-07-12T16:34:58.687", "metrics": {}, "published": "2024-07-12T13:15:14.797", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/22f742b8f738918f683198a18ec3c691acda14c4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/e0eec24e2e199873f43df99ec39773ad3af2bff7"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: memblock: make memblock_set_node() also warn about use of MAX_NUMNODES", "id": "2297501", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297501"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-20", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nmemblock: make memblock_set_node() also warn about use of MAX_NUMNODES\nOn an (old) x86 system with SRAT just covering space above 4Gb:\nACPI: SRAT: Node 0 PXM 0 [mem 0x100000000-0xfffffffff] hotplug\nthe commit referenced below leads to this NUMA configuration no longer\nbeing refused by a CONFIG_NUMA=y kernel (previously\nNUMA: nodes only cover 6144MB of your 8185MB e820 RAM. Not used.\nNo NUMA configuration found\nFaking a node at [mem 0x0000000000000000-0x000000027fffffff]\nwas seen in the log directly after the message quoted above), because of\nmemblock_validate_numa_coverage() checking for NUMA_NO_NODE (only). This\nin turn led to memblock_alloc_range_nid()'s warning about MAX_NUMNODES\ntriggering, followed by a NULL deref in memmap_init() when trying to\naccess node 64's (NODE_SHIFT=6) node data.\nTo compensate said change, make memblock_set_node() warn on and adjust\na passed in value of MAX_NUMNODES, just like various other functions\nalready do.", "A flaw was found in `memblock_set_node()` in the Linux Kernel, where invalid NUMA node values exceeding `MAX_NUMNODES` could cause system crashes due to a NULL pointer dereference."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-40917", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-07-12T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-40917\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-40917\nhttps://lore.kernel.org/linux-cve-announce/2024071211-CVE-2024-40917-0a05@gregkh/T"], "statement": "Red Hat Enterprise Linux is not vulnerable to this CVE, as it does not affect the versions or configurations of the Linux kernel used in its distributions.", "threat_severity": "Moderate", "upstream_fix": "kernel 6.9.6, kernel 6.10-rc4"}