CVE-2024-42258

Advisory lineage Upstream: 0 Downstream: 9
Modified
Published: 12 Aug 2024, 14:16
Last modified:23 May 2026, 15:52

Vulnerability Summary

Overall Risk (default)
low
22/100
CVSS Score
5.5 MEDIUM
v3.1 (nvd)
EPSS Score
0.03% LOW
0% probability +0.01%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

12 Aug 2024, 14:16
Published
Vulnerability first disclosed
23 May 2026, 15:52
Last Modified
Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: mm: huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines Yves-Alexis Perez reported commit 4ef9ad19e176 ("mm: huge_memory: don't force huge page alignment on 32 bit") didn't work for x86_32 [1]. It is because x86_32 uses CONFIG_X86_32 instead of CONFIG_32BIT. !CONFIG_64BIT should cover all 32 bit machines. [1] https://lore.kernel.org/linux-mm/CAHbLzkr1LwH3pcTgM+aGQ31ip2bKqiqEQ8=FQB+t2c3dhNKNHA@mail.gmail.com/

CVSS Metrics

  • v3.1MEDIUMScore: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Trends

Current EPSS score: 0.03% Percentile: 10%

Techniques & Countermeasures

  • CWE-770Allocation of Resources Without Limits or Throttling

    The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

Affected Systems

  • linuxlinux

    ≥ 87632bc9ecff5ded93433bc0fca428019bdd1cfe, < 89f2914dd4b47d2fad3deef0d700f9526d98d11f | ≥ 6ea9aa8d97e6563676094cb35755884173269555, < a5c399fe433a115e9d3693169b5f357f3194af0a | ≥ 4ef9ad19e17676b9ef071309bc62020e2373705d, < 7e1f4efb8d6140b2ec79bf760c43e1fc186e8dfc | ≥ 4ef9ad19e17676b9ef071309bc62020e2373705d, < d9592025000b3cf26c742f3505da7b83aedc26d5 | 7432376c913381c5f24d373a87ff629bbde94b47 | ≥ 6.1.81, < 6.1.105 | ≥ 6.7.6, < 6.8 | 6.8

  • linuxlinux_kernel

    ≥ 6.8, < 6.10.3

References (5)