CVE-2024-53137

EPSS 0.04%
Published 04.12.2024 15:15:13
Last modified 01.10.2025 21:16:35
Source 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Open
Login

In the Linux kernel, the following vulnerability has been resolved:

ARM: fix cacheflush with PAN

It seems that the cacheflush syscall got broken when PAN for LPAE was
implemented. User access was not enabled around the cache maintenance
instructions, causing them to fault.

Affected products Warnungen 0 Metrics 3 CWE 0 References 5

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 6.10 < 6.11.10

Linux ≫ Linux Kernel Version6.12 Updaterc1

Linux ≫ Linux Kernel Version6.12 Updaterc2

Linux ≫ Linux Kernel Version6.12 Updaterc3

Linux ≫ Linux Kernel Version6.12 Updaterc4

Linux ≫ Linux Kernel Version6.12 Updaterc5

Linux ≫ Linux Kernel Version6.12 Updaterc6

Linux ≫ Linux Kernel Version6.12 Updaterc7

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.04%	0.093

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

https://git.kernel.org/stable/c/ca29cfcc4a21083d671522ad384532e28a43f033

Patch

https://git.kernel.org/stable/c/e6960a2ed49c9a25357817535f7cc50594a58604

Patch

https://nvd.nist.gov/vuln/detail/CVE-2024-53137

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-53137

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-53137

EUVD