CVE-2024-53137: ARM: fix cacheflush with PAN

0.0 CVSS

Description

In the Linux kernel, the following vulnerability has been resolved:

ARM: fix cacheflush with PAN

It seems that the cacheflush syscall got broken when PAN for LPAE was
implemented. User access was not enabled around the cache maintenance
instructions, causing them to fault.

Classification

CVE ID: CVE-2024-53137

CVSS Base Severity: LOW

CVSS Base Score: 0.0

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.44% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://git.kernel.org/stable/c/e6960a2ed49c9a25357817535f7cc50594a58604
https://git.kernel.org/stable/c/ca29cfcc4a21083d671522ad384532e28a43f033

Timeline

2024-12-05 00:32:55 UTC
CVE

ARM: fix cacheflush with PAN