[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-36028":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":28,"aliases":29,"duplicate_of":9,"upstream":30,"downstream":31,"duplicates":74,"related":75,"reserved_at":9,"published_at":89,"modified_at":90,"state":91,"summary":92,"references_raw":101,"kevs":120,"epss":121,"epss_history":124,"metrics":365,"affected":371},"CVE-2024-36028","In the Linux kernel, the following vulnerability has been resolved:\n\nmm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio()\n\nWhen I did memory failure tests recently, below warning occurs:\n\nDEBUG_LOCKS_WARN_ON(1)\nWARNING: CPU: 8 PID: 1011 at kernel/locking/lockdep.c:232 __lock_acquire+0xccb/0x1ca0\nModules linked in: mce_inject hwpoison_inject\nCPU: 8 PID: 1011 Comm: bash Kdump: loaded Not tainted 6.9.0-rc3-next-20240410-00012-gdb69f219f4be #3\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014\nRIP: 0010:__lock_acquire+0xccb/0x1ca0\nRSP: 0018:ffffa7a1c7fe3bd0 EFLAGS: 00000082\nRAX: 0000000000000000 RBX: eb851eb853975fcf RCX: ffffa1ce5fc1c9c8\nRDX: 00000000ffffffd8 RSI: 0000000000000027 RDI: ffffa1ce5fc1c9c0\nRBP: ffffa1c6865d3280 R08: ffffffffb0f570a8 R09: 0000000000009ffb\nR10: 0000000000000286 R11: ffffffffb0f2ad50 R12: ffffa1c6865d3d10\nR13: ffffa1c6865d3c70 R14: 0000000000000000 R15: 0000000000000004\nFS:  00007ff9f32aa740(0000) GS:ffffa1ce5fc00000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007ff9f3134ba0 CR3: 00000008484e4000 CR4: 00000000000006f0\nCall Trace:\n \u003CTASK>\n lock_acquire+0xbe/0x2d0\n _raw_spin_lock_irqsave+0x3a/0x60\n hugepage_subpool_put_pages.part.0+0xe/0xc0\n free_huge_folio+0x253/0x3f0\n dissolve_free_huge_page+0x147/0x210\n __page_handle_poison+0x9/0x70\n memory_failure+0x4e6/0x8c0\n hard_offline_page_store+0x55/0xa0\n kernfs_fop_write_iter+0x12c/0x1d0\n vfs_write+0x380/0x540\n ksys_write+0x64/0xe0\n do_syscall_64+0xbc/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7ff9f3114887\nRSP: 002b:00007ffecbacb458 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 000000000000000c RCX: 00007ff9f3114887\nRDX: 000000000000000c RSI: 0000564494164e10 RDI: 0000000000000001\nRBP: 0000564494164e10 R08: 00007ff9f31d1460 R09: 000000007fffffff\nR10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000c\nR13: 00007ff9f321b780 R14: 00007ff9f3217600 R15: 00007ff9f3216a00\n \u003C/TASK>\nKernel panic - not syncing: kernel: panic_on_warn set ...\nCPU: 8 PID: 1011 Comm: bash Kdump: loaded Not tainted 6.9.0-rc3-next-20240410-00012-gdb69f219f4be #3\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003CTASK>\n panic+0x326/0x350\n check_panic_on_warn+0x4f/0x50\n __warn+0x98/0x190\n report_bug+0x18e/0x1a0\n handle_bug+0x3d/0x70\n exc_invalid_op+0x18/0x70\n asm_exc_invalid_op+0x1a/0x20\nRIP: 0010:__lock_acquire+0xccb/0x1ca0\nRSP: 0018:ffffa7a1c7fe3bd0 EFLAGS: 00000082\nRAX: 0000000000000000 RBX: eb851eb853975fcf RCX: ffffa1ce5fc1c9c8\nRDX: 00000000ffffffd8 RSI: 0000000000000027 RDI: ffffa1ce5fc1c9c0\nRBP: ffffa1c6865d3280 R08: ffffffffb0f570a8 R09: 0000000000009ffb\nR10: 0000000000000286 R11: ffffffffb0f2ad50 R12: ffffa1c6865d3d10\nR13: ffffa1c6865d3c70 R14: 0000000000000000 R15: 0000000000000004\n lock_acquire+0xbe/0x2d0\n _raw_spin_lock_irqsave+0x3a/0x60\n hugepage_subpool_put_pages.part.0+0xe/0xc0\n free_huge_folio+0x253/0x3f0\n dissolve_free_huge_page+0x147/0x210\n __page_handle_poison+0x9/0x70\n memory_failure+0x4e6/0x8c0\n hard_offline_page_store+0x55/0xa0\n kernfs_fop_write_iter+0x12c/0x1d0\n vfs_write+0x380/0x540\n ksys_write+0x64/0xe0\n do_syscall_64+0xbc/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7ff9f3114887\nRSP: 002b:00007ffecbacb458 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 000000000000000c RCX: 00007ff9f3114887\nRDX: 000000000000000c RSI: 0000564494164e10 RDI: 0000000000000001\nRBP: 0000564494164e10 R08: 00007ff9f31d1460 R09: 000000007fffffff\nR10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000c\nR13: 00007ff9f321b780 R14: 00007ff9f3217600 R15: 00007ff9f3216a00\n \u003C/TASK>\n\nAfter git bisecting and digging into the code, I believe the root cause is\nthat _deferred_list field of folio is unioned with _hugetlb_subpool field.\nIn __update_and_free_hugetlb_folio(), folio->_deferred_\n---truncated---",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-362","Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')","The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.","weakness","Draft","Class","Medium",[20,24],{"id":21,"name":22,"techniques":23},"CAPEC-26","Leveraging Race Conditions",[],{"id":25,"name":26,"techniques":27},"CAPEC-29","Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions",[],[],[],[],[32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72],{"_key":33},"SUSE-SU-2025:02853-1",{"_key":35},"SUSE-SU-2025:02923-1",{"_key":37},"SUSE-SU-2025:02969-1",{"_key":39},"SUSE-SU-2025:03023-1",{"_key":41},"SUSE-SU-2025:02997-1",{"_key":43},"SUSE-SU-2025:03011-1",{"_key":45},"SUSE-SU-2025:20577-1",{"_key":47},"SUSE-SU-2025:20586-1",{"_key":49},"SUSE-SU-2025:20601-1",{"_key":51},"SUSE-SU-2025:20602-1",{"_key":53},"SUSE-SU-2025:02996-1",{"_key":55},"MGASA-2024-0263",{"_key":57},"MGASA-2024-0266",{"_key":59},"UBUNTU-CVE-2024-36028",{"_key":61},"DEBIAN-CVE-2024-36028",{"_key":63},"RHSA-2024:9315",{"_key":65},"USN-6949-1",{"_key":67},"USN-6949-2",{"_key":69},"USN-6952-1",{"_key":71},"USN-6952-2",{"_key":73},"USN-6955-1",[],[76,77,78,79,80,81,82,83,84,85,86,87,88],{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},"2024-05-30T15:19:42.538Z","2026-05-23T15:46:31.925Z","Analyzed",{"cisa_kev":93,"cisa_ransomware":93,"cisa_vendor":9,"epss_severity":94,"epss_score":95,"severity":96,"severity_score":97,"severity_version":98,"severity_source":99,"severity_vector":100,"severity_status":91},false,"low",0.00007,"medium",4.7,"v3.1","nvd","CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",[102,108,112,116],{"url":103,"sources":104,"tags":106},"https://git.kernel.org/stable/c/2effe407f7563add41750fd7e03da4ea44b98099",[105,99],"cve.org",[107],"Patch",{"url":109,"sources":110,"tags":111},"https://git.kernel.org/stable/c/7e0a322877416e8c648819a8e441cf8c790b2cce",[105,99],[107],{"url":113,"sources":114,"tags":115},"https://git.kernel.org/stable/c/9c9b32d46afab2d911897914181c488954012300",[105,99],[107],{"url":117,"sources":118,"tags":119},"https://git.kernel.org/stable/c/52ccdde16b6540abe43b6f8d8e1e1ec90b0983af",[105,99],[107],[],{"date":122,"score":95,"percentile":123},"2026-06-03",0.00598,[125,128,130,133,135,138,141,143,145,148,150,152,155,157,159,163,166,169,172,174,177,179,182,184,186,189,192,194,197,199,201,204,206,209,212,215,218,220,223,226,229,232,235,237,240,243,246,248,251,255,258,261,264,267,270,272,275,278,281,284,287,290,293,296,299,301,304,307,310,313,316,319,321,324,327,329,331,334,336,338,340,342,344,346,348,350,353,356,359,362],{"date":126,"score":95,"percentile":127},"2025-11-04",0.00374,{"date":129,"score":95,"percentile":127},"2025-11-05",{"date":131,"score":95,"percentile":132},"2025-11-06",0.00375,{"date":134,"score":95,"percentile":132},"2025-11-07",{"date":136,"score":95,"percentile":137},"2025-11-08",0.00373,{"date":139,"score":95,"percentile":140},"2025-11-09",0.00372,{"date":142,"score":95,"percentile":140},"2025-11-10",{"date":144,"score":95,"percentile":140},"2025-11-11",{"date":146,"score":95,"percentile":147},"2025-11-12",0.00367,{"date":149,"score":95,"percentile":147},"2025-11-13",{"date":151,"score":95,"percentile":147},"2025-11-14",{"date":153,"score":95,"percentile":154},"2025-11-15",0.00368,{"date":156,"score":95,"percentile":154},"2025-11-16",{"date":158,"score":95,"percentile":154},"2025-11-17",{"date":160,"score":161,"percentile":162},"2025-11-18",0.0007,0.17534,{"date":164,"score":161,"percentile":165},"2025-11-19",0.17554,{"date":167,"score":161,"percentile":168},"2025-11-20",0.17528,{"date":170,"score":95,"percentile":171},"2025-11-21",0.00377,{"date":173,"score":95,"percentile":171},"2025-11-22",{"date":175,"score":95,"percentile":176},"2025-11-23",0.00378,{"date":178,"score":95,"percentile":176},"2025-11-24",{"date":180,"score":95,"percentile":181},"2025-11-25",0.00379,{"date":183,"score":95,"percentile":176},"2025-11-26",{"date":185,"score":95,"percentile":176},"2025-11-27",{"date":187,"score":95,"percentile":188},"2025-11-28",0.00383,{"date":190,"score":95,"percentile":191},"2025-11-29",0.00385,{"date":193,"score":95,"percentile":191},"2025-11-30",{"date":195,"score":95,"percentile":196},"2025-12-01",0.00382,{"date":198,"score":95,"percentile":196},"2025-12-02",{"date":200,"score":95,"percentile":188},"2025-12-03",{"date":202,"score":95,"percentile":203},"2025-12-04",0.00389,{"date":205,"score":95,"percentile":203},"2025-12-05",{"date":207,"score":95,"percentile":208},"2025-12-06",0.00387,{"date":210,"score":95,"percentile":211},"2025-12-07",0.00388,{"date":213,"score":95,"percentile":214},"2025-12-08",0.00393,{"date":216,"score":95,"percentile":217},"2025-12-09",0.00404,{"date":219,"score":95,"percentile":217},"2025-12-10",{"date":221,"score":95,"percentile":222},"2025-12-11",0.00407,{"date":224,"score":95,"percentile":225},"2025-12-12",0.00411,{"date":227,"score":95,"percentile":228},"2025-12-13",0.0041,{"date":230,"score":95,"percentile":231},"2025-12-14",0.00408,{"date":233,"score":95,"percentile":234},"2025-12-15",0.00406,{"date":236,"score":95,"percentile":234},"2025-12-16",{"date":238,"score":95,"percentile":239},"2025-12-17",0.00405,{"date":241,"score":95,"percentile":242},"2025-12-18",0.00403,{"date":244,"score":95,"percentile":245},"2025-12-19",0.00401,{"date":247,"score":95,"percentile":245},"2025-12-20",{"date":249,"score":95,"percentile":250},"2025-12-21",0.004,{"date":252,"score":253,"percentile":254},"2025-12-22",0.00012,0.0125,{"date":256,"score":253,"percentile":257},"2025-12-23",0.01251,{"date":259,"score":253,"percentile":260},"2025-12-24",0.01253,{"date":262,"score":253,"percentile":263},"2025-12-25",0.01256,{"date":265,"score":253,"percentile":266},"2025-12-26",0.01258,{"date":268,"score":253,"percentile":269},"2025-12-27",0.01254,{"date":271,"score":253,"percentile":269},"2025-12-28",{"date":273,"score":253,"percentile":274},"2025-12-29",0.01246,{"date":276,"score":253,"percentile":277},"2025-12-30",0.01241,{"date":279,"score":253,"percentile":280},"2025-12-31",0.01239,{"date":282,"score":253,"percentile":283},"2026-01-01",0.01263,{"date":285,"score":253,"percentile":286},"2026-01-02",0.01257,{"date":288,"score":253,"percentile":289},"2026-01-03",0.0126,{"date":291,"score":253,"percentile":292},"2026-01-04",0.01228,{"date":294,"score":253,"percentile":295},"2026-01-05",0.01236,{"date":297,"score":253,"percentile":298},"2026-01-06",0.01233,{"date":300,"score":253,"percentile":295},"2026-01-07",{"date":302,"score":253,"percentile":303},"2026-01-08",0.01249,{"date":305,"score":253,"percentile":306},"2026-01-09",0.01266,{"date":308,"score":253,"percentile":309},"2026-01-10",0.01272,{"date":311,"score":253,"percentile":312},"2026-01-11",0.0127,{"date":314,"score":253,"percentile":315},"2026-01-12",0.01274,{"date":317,"score":253,"percentile":318},"2026-01-13",0.01271,{"date":320,"score":253,"percentile":312},"2026-01-14",{"date":322,"score":95,"percentile":323},"2026-01-15",0.00396,{"date":325,"score":95,"percentile":326},"2026-01-16",0.00397,{"date":328,"score":95,"percentile":326},"2026-01-17",{"date":330,"score":95,"percentile":245},"2026-01-18",{"date":332,"score":95,"percentile":333},"2026-01-19",0.00398,{"date":335,"score":95,"percentile":323},"2026-01-20",{"date":337,"score":95,"percentile":326},"2026-01-21",{"date":339,"score":95,"percentile":333},"2026-01-22",{"date":341,"score":95,"percentile":245},"2026-01-23",{"date":343,"score":95,"percentile":242},"2026-01-24",{"date":345,"score":95,"percentile":242},"2026-01-25",{"date":347,"score":95,"percentile":234},"2026-01-26",{"date":349,"score":95,"percentile":225},"2026-01-27",{"date":351,"score":95,"percentile":352},"2026-01-28",0.00414,{"date":354,"score":95,"percentile":355},"2026-01-29",0.00416,{"date":357,"score":95,"percentile":358},"2026-01-30",0.00426,{"date":360,"score":95,"percentile":361},"2026-01-31",0.0043,{"date":363,"score":95,"percentile":364},"2026-02-01",0.00431,[366],{"source":99,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":367,"cvss_v4_0":9},{"baseScore":97,"baseSeverity":368,"vectorString":100,"impactScore":369,"exploitabilityScore":370},"MEDIUM",6,2.6,[372,405],{"ecosystem":9,"name":373,"vendor":374,"product":374,"cpe_part":375,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":376},"Linux","linux","a",[377,384,388,391,394,396,400,404],{"version":378,"is_range":379,"range_type":105,"version_start":380,"version_start_type":381,"version_end":382,"version_end_type":383,"fixed_in":9},">= 1b4ce2952b4f33e198d5e993acff0611dff1e399, \u003C 2effe407f7563add41750fd7e03da4ea44b98099",true,"1b4ce2952b4f33e198d5e993acff0611dff1e399","including","2effe407f7563add41750fd7e03da4ea44b98099","excluding",{"version":385,"is_range":379,"range_type":105,"version_start":386,"version_start_type":381,"version_end":387,"version_end_type":383,"fixed_in":9},">= 32c877191e022b55fe3a374f3d7e9fb5741c514d, \u003C 7e0a322877416e8c648819a8e441cf8c790b2cce","32c877191e022b55fe3a374f3d7e9fb5741c514d","7e0a322877416e8c648819a8e441cf8c790b2cce",{"version":389,"is_range":379,"range_type":105,"version_start":386,"version_start_type":381,"version_end":390,"version_end_type":383,"fixed_in":9},">= 32c877191e022b55fe3a374f3d7e9fb5741c514d, \u003C 9c9b32d46afab2d911897914181c488954012300","9c9b32d46afab2d911897914181c488954012300",{"version":392,"is_range":379,"range_type":105,"version_start":386,"version_start_type":381,"version_end":393,"version_end_type":383,"fixed_in":9},">= 32c877191e022b55fe3a374f3d7e9fb5741c514d, \u003C 52ccdde16b6540abe43b6f8d8e1e1ec90b0983af","52ccdde16b6540abe43b6f8d8e1e1ec90b0983af",{"version":395,"is_range":93,"range_type":105,"version_start":395,"version_start_type":381,"version_end":395,"version_end_type":381,"fixed_in":9},"9a1a43a0e7e96911eaa00ad20b20f2edefb31d8a",{"version":397,"is_range":379,"range_type":105,"version_start":398,"version_start_type":381,"version_end":399,"version_end_type":383,"fixed_in":9},">= 6.1.47, \u003C 6.1.91","6.1.47","6.1.91",{"version":401,"is_range":379,"range_type":105,"version_start":402,"version_start_type":381,"version_end":403,"version_end_type":383,"fixed_in":9},">= 6.4.11, \u003C 6.5","6.4.11","6.5",{"version":403,"is_range":93,"range_type":105,"version_start":403,"version_start_type":381,"version_end":403,"version_end_type":381,"fixed_in":9},{"ecosystem":9,"name":406,"vendor":374,"product":407,"cpe_part":408,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":409},"linux kernel","linux_kernel","o",[410,413,415,419,423,424,426,428,430,432,434,436],{"version":411,"is_range":379,"range_type":412,"version_start":398,"version_start_type":381,"version_end":399,"version_end_type":383,"fixed_in":9},"gte6.1.47_lt6.1.91","cpe",{"version":414,"is_range":379,"range_type":412,"version_start":402,"version_start_type":381,"version_end":403,"version_end_type":383,"fixed_in":9},"gte6.4.11_lt6.5",{"version":416,"is_range":379,"range_type":412,"version_start":417,"version_start_type":381,"version_end":418,"version_end_type":383,"fixed_in":9},"gte6.5.1_lt6.6.31","6.5.1","6.6.31",{"version":420,"is_range":379,"range_type":412,"version_start":421,"version_start_type":381,"version_end":422,"version_end_type":383,"fixed_in":9},"gte6.7_lt6.8.9","6.7","6.8.9",{"version":403,"is_range":93,"range_type":412,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":425,"is_range":93,"range_type":412,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.5:rc6",{"version":427,"is_range":93,"range_type":412,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.5:rc7",{"version":429,"is_range":93,"range_type":412,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.9:rc1",{"version":431,"is_range":93,"range_type":412,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.9:rc2",{"version":433,"is_range":93,"range_type":412,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.9:rc3",{"version":435,"is_range":93,"range_type":412,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.9:rc4",{"version":437,"is_range":93,"range_type":412,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.9:rc5"]