Main Vulnerability Database SB2024120320

SB2024120320 - Resource management error in Linux kernel mm

Published: December 3, 2024 Updated: May 12, 2025

Security Bulletin ID SB2024120320

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Resource management error (CVE-ID: CVE-2024-53109)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the delete_vma_from_mm() function in mm/nommu.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/247d720b2c5d22f7281437fd6054a138256986ba
https://git.kernel.org/stable/c/8bbf0ab631cdf1dade6745f137cff98751e6ced7
https://git.kernel.org/stable/c/aceaf33b7666b72dfb86e0aa977be81e3bcbc727
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.11.10