CVE-2024-26710

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
03/04/2024
Last modified:
23/12/2025

Description

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> powerpc/kasan: Limit KASAN thread size increase to 32KB<br /> <br /> KASAN is seen to increase stack usage, to the point that it was reported<br /> to lead to stack overflow on some 32-bit machines (see link).<br /> <br /> To avoid overflows the stack size was doubled for KASAN builds in<br /> commit 3e8635fb2e07 ("powerpc/kasan: Force thread size increase with<br /> KASAN").<br /> <br /> However with a 32KB stack size to begin with, the doubling leads to a<br /> 64KB stack, which causes build errors:<br /> arch/powerpc/kernel/switch.S:249: Error: operand out of range (0x000000000000fe50 is not between 0xffffffffffff8000 and 0x0000000000007fff)<br /> <br /> Although the asm could be reworked, in practice a 32KB stack seems<br /> sufficient even for KASAN builds - the additional usage seems to be in<br /> the 2-3KB range for a 64-bit KASAN build.<br /> <br /> So only increase the stack for KASAN if the stack size is

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.1.75 (including) 6.1.79 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.6.14 (including) 6.6.18 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.7.2 (including) 6.7.6 (excluding)