CVE-2024-26621

mm: huge_memory: don't force huge page alignment on 32 bit

Description

In the Linux kernel, the following vulnerability has been resolved: mm: huge_memory: don't force huge page alignment on 32 bit commit efa7df3e3bb5 ("mm: align larger anonymous mappings on THP boundaries") caused two issues [1] [2] reported on 32 bit system or compat userspace. It doesn't make too much sense to force huge page alignment on 32 bit system due to the constrained virtual address space. [1] https://lore.kernel.org/linux-mm/d0a136a0-4a31-46bc-adf4-2db109a61672@kernel.org/ [2] https://lore.kernel.org/linux-mm/CAJuCfpHXLdQy1a2B6xN2d7quTYwg2OoZseYPZTRpU0eHHKD-sQ@mail.gmail.com/

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.01%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/87632bc9ecff5ded93433bc0fca428019bdd1cfe patch
https://git.kernel.org/stable/c/6ea9aa8d97e6563676094cb35755884173269555 patch
https://git.kernel.org/stable/c/7432376c913381c5f24d373a87ff629bbde94b47 patch
https://git.kernel.org/stable/c/4ef9ad19e17676b9ef071309bc62020e2373705d patch
http://www.openwall.com/lists/oss-security/2024/07/08/3 patch
http://www.openwall.com/lists/oss-security/2024/07/08/4 patch
http://www.openwall.com/lists/oss-security/2024/07/08/5 patch
http://www.openwall.com/lists/oss-security/2024/07/08/6 patch
http://www.openwall.com/lists/oss-security/2024/07/08/7 patch
http://www.openwall.com/lists/oss-security/2024/07/08/8 patch
http://www.openwall.com/lists/oss-security/2024/07/09/1 patch
http://www.openwall.com/lists/oss-security/2024/07/10/5 patch
http://www.openwall.com/lists/oss-security/2024/07/10/7 patch
http://www.openwall.com/lists/oss-security/2024/07/10/8 patch
http://www.openwall.com/lists/oss-security/2024/07/11/4 patch
http://www.openwall.com/lists/oss-security/2024/07/11/5 patch
http://www.openwall.com/lists/oss-security/2024/07/11/7 patch
http://www.openwall.com/lists/oss-security/2024/07/12/3 patch
http://www.openwall.com/lists/oss-security/2024/07/13/2 patch
http://www.openwall.com/lists/oss-security/2024/07/13/7 patch
http://www.openwall.com/lists/oss-security/2024/07/15/1 patch
http://www.openwall.com/lists/oss-security/2024/07/15/2 patch
http://www.openwall.com/lists/oss-security/2024/07/16/1 patch
http://www.openwall.com/lists/oss-security/2024/07/16/2 patch
http://www.openwall.com/lists/oss-security/2024/07/29/2 patch
http://www.openwall.com/lists/oss-security/2024/07/30/2 patch
https://zolutal.github.io/aslrnt/ patch

Frequently Asked Questions

What is the severity of CVE-2024-26621?
CVE-2024-26621 has been scored as a medium severity vulnerability.
How to fix CVE-2024-26621?
To fix CVE-2024-26621, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-26621 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-26621 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-26621?
CVE-2024-26621 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.