vulnerability

Debian: CVE-2024-43868: linux, linux-6.1 -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:S/C:N/I:N/A:C)	Aug 21, 2024	Dec 2, 2024	Oct 13, 2025

Severity

CVSS

(AV:L/AC:L/Au:S/C:N/I:N/A:C)

Published

Aug 21, 2024

Added

Dec 2, 2024

Modified

Oct 13, 2025

Description

In the Linux kernel, the following vulnerability has been resolved:

riscv/purgatory: align riscv_kernel_entry

When alignment handling is delegated to the kernel, everything must be
word-aligned in purgatory, since the trap handler is then set to the
kexec one. Without the alignment, hitting the exception would
ultimately crash. On other occasions, the kernel's handler would take
care of exceptions.
This has been tested on a JH7110 SoC with oreboot and its SBI delegating
unaligned access exceptions and the kernel configured to handle them.

Solutions

debian-upgrade-linuxdebian-upgrade-linux-6-1

References

CVE-2024-43868
https://attackerkb.com/topics/CVE-2024-43868
DEBIAN-DSA-5818-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today