๐Ÿ” CVE Alert

CVE-2024-47676

UNKNOWN 0.0

mm/hugetlb.c: fix UAF of vma in hugetlb fault pathway

CVSS Score: 0.0
EPSS Score: 0.0%
EPSS Percentile: 0th

In the Linux kernel, the following vulnerability has been resolved:

mm/hugetlb.c: fix UAF of vma in hugetlb fault pathway

Syzbot reports a UAF in hugetlb_fault(). This happens because vmf_anon_prepare() could drop the per-VMA lock and allow the current VMA to be freed before hugetlb_vma_unlock_read() is called.

We can fix this by using a modified version of vmf_anon_prepare() that doesn't release the VMA lock on failure, and then release it ourselves after hugetlb_vma_unlock_read().

Vendor linux
Product linux
Ecosystems
Industries
Technology
Published Oct 21, 2024
Last Updated May 11, 2026

Affected Versions

Linux / Linux
9acad7ba3e25d11f4c96df1b7312ae89e6faca5c < e897d184a8dd4a4e1f39c8c495598e4d9472776c
9acad7ba3e25d11f4c96df1b7312ae89e6faca5c < d59ebc99dee0a2687a26df94b901eb8216dbf876
9acad7ba3e25d11f4c96df1b7312ae89e6faca5c < 98b74bb4d7e96b4da5ef3126511febe55b76b807
Linux / Linux
6.9

References

git.kernel.org: https://git.kernel.org/stable/c/e897d184a8dd4a4e1f39c8c495598e4d9472776c
git.kernel.org: https://git.kernel.org/stable/c/d59ebc99dee0a2687a26df94b901eb8216dbf876
git.kernel.org: https://git.kernel.org/stable/c/98b74bb4d7e96b4da5ef3126511febe55b76b807