CVE-2024-0564
Kernel: max page sharing of kernel samepage merging (ksm) may cause memory deduplication
CVSS Score
5.3
EPSS Score
0.0%
EPSS Percentile
0th
A flaw was found in the Linux kernel's memory deduplication mechanism. The max page sharing of Kernel Samepage Merging (KSM), added in Linux kernel version 4.4.0-96.119, can create a side channel. When the attacker and the victim share the same host and the default setting of KSM is "max page sharing=256", it is possible for the attacker to time the unmap to merge with the victim's page. The unmapping time depends on whether it merges with the victim's page and additional physical pages are created beyond the KSM's "max page share". Through these operations, the attacker can leak the victim's page.
| CWE | CWE-203 |
| Published | Jan 30, 2024 |
| Last Updated | Nov 21, 2025 |
Stay Ahead of the Next One
Get instant alerts for
Be the first to know when new medium vulnerabilities are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Attack Vector
Adjacent
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Affected Versions
Red Hat / Red Hat Enterprise Linux 6
All versions affected Red Hat / Red Hat Enterprise Linux 7
All versions affected Red Hat / Red Hat Enterprise Linux 7
All versions affected Red Hat / Red Hat Enterprise Linux 8
All versions affected Red Hat / Red Hat Enterprise Linux 8
All versions affected Red Hat / Red Hat Enterprise Linux 9
All versions affected Red Hat / Red Hat Enterprise Linux 9
All versions affected References
access.redhat.com: https://access.redhat.com/security/cve/CVE-2024-0564 bugs.launchpad.net: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1680513 bugzilla.redhat.com: https://bugzilla.redhat.com/show_bug.cgi?id=2258514 link.springer.com: https://link.springer.com/conference/wisa wisa.or.kr: https://wisa.or.kr/accepted