vulnerability

Ubuntu: (Multiple Advisories) (CVE-2024-26710): Linux kernel vulnerabilities

Severity
4
CVSS
(AV:L/AC:L/Au:M/C:N/I:N/A:C)
Published
04/03/2024
Added
07/15/2024
Modified
03/19/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

powerpc/kasan: Limit KASAN thread size increase to 32KB

KASAN is seen to increase stack usage, to the point that it was reported
to lead to stack overflow on some 32-bit machines (see link).

To avoid overflows the stack size was doubled for KASAN builds in
commit 3e8635fb2e07 ("powerpc/kasan: Force thread size increase with
KASAN").

However with a 32KB stack size to begin with, the doubling leads to a
64KB stack, which causes build errors:
arch/powerpc/kernel/switch.S:249: Error: operand out of range (0x000000000000fe50 is not between 0xffffffffffff8000 and 0x0000000000007fff)

Although the asm could be reworked, in practice a 32KB stack seems
sufficient even for KASAN builds - the additional usage seems to be in
the 2-3KB range for a 64-bit KASAN build.

So only increase the stack for KASAN if the stack size is

Solution(s)

ubuntu-upgrade-linux-image-6-5-0-1017-starfiveubuntu-upgrade-linux-image-6-5-0-1020-raspiubuntu-upgrade-linux-image-6-5-0-1023-awsubuntu-upgrade-linux-image-6-5-0-1023-nvidiaubuntu-upgrade-linux-image-6-5-0-1023-nvidia-64kubuntu-upgrade-linux-image-6-5-0-1024-azureubuntu-upgrade-linux-image-6-5-0-1024-azure-fdeubuntu-upgrade-linux-image-6-5-0-1024-gcpubuntu-upgrade-linux-image-6-5-0-1026-oracleubuntu-upgrade-linux-image-6-5-0-1026-oracle-64kubuntu-upgrade-linux-image-6-5-0-1027-oemubuntu-upgrade-linux-image-6-5-0-44-genericubuntu-upgrade-linux-image-6-5-0-44-generic-64kubuntu-upgrade-linux-image-6-5-0-44-lowlatencyubuntu-upgrade-linux-image-6-5-0-44-lowlatency-64kubuntu-upgrade-linux-image-awsubuntu-upgrade-linux-image-azureubuntu-upgrade-linux-image-azure-fdeubuntu-upgrade-linux-image-gcpubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-64kubuntu-upgrade-linux-image-generic-64k-hwe-22-04ubuntu-upgrade-linux-image-generic-hwe-22-04ubuntu-upgrade-linux-image-generic-lpaeubuntu-upgrade-linux-image-kvmubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04ubuntu-upgrade-linux-image-lowlatency-hwe-22-04ubuntu-upgrade-linux-image-nvidia-6-5ubuntu-upgrade-linux-image-nvidia-64k-6-5ubuntu-upgrade-linux-image-nvidia-64k-hwe-22-04ubuntu-upgrade-linux-image-nvidia-hwe-22-04ubuntu-upgrade-linux-image-oem-22-04ubuntu-upgrade-linux-image-oem-22-04aubuntu-upgrade-linux-image-oem-22-04bubuntu-upgrade-linux-image-oem-22-04cubuntu-upgrade-linux-image-oem-22-04dubuntu-upgrade-linux-image-oracleubuntu-upgrade-linux-image-oracle-64kubuntu-upgrade-linux-image-raspiubuntu-upgrade-linux-image-raspi-nolpaeubuntu-upgrade-linux-image-starfiveubuntu-upgrade-linux-image-virtualubuntu-upgrade-linux-image-virtual-hwe-22-04
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.