CVE-2024-26705

parisc: BTLB: Fix crash when setting up BTLB at CPU bringup

Description

In the Linux kernel, the following vulnerability has been resolved: parisc: BTLB: Fix crash when setting up BTLB at CPU bringup When using hotplug and bringing up a 32-bit CPU, ask the firmware about the BTLB information to set up the static (block) TLB entries. For that write access to the static btlb_info struct is needed, but since it is marked __ro_after_init the kernel segfaults with missing write permissions. Fix the crash by dropping the __ro_after_init annotation.

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.02%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/54944f45470af5965fb9c28cf962ec30f38a8f5b patch
https://git.kernel.org/stable/c/aa52be55276614d33f22fbe7da36c40d6432d10b patch
https://git.kernel.org/stable/c/913b9d443a0180cf0de3548f1ab3149378998486 patch

Frequently Asked Questions

What is the severity of CVE-2024-26705?
CVE-2024-26705 has been scored as a medium severity vulnerability.
How to fix CVE-2024-26705?
To fix CVE-2024-26705, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-26705 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-26705 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-26705?
CVE-2024-26705 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.