Updated: 2025-05-15 04:43:53.224467
Description:
A possible unauthorized memory access flaw was found in the Linux kernel's cpu_entry_area mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. Based on the previous CVE-2023-0597, the 'Randomize per-cpu entry area' feature was implemented in /arch/x86/mm/cpu_entry_area.c, which works through the init_cea_offsets() function when KASLR is enabled. However, despite this feature, there is still a risk of per-cpu entry area leaks. This issue could allow a local user to gain access to some important data with memory in an expected location and potentially escalate their privileges on the system.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | 0 | |
| CVSS Version 3.x | HIGH | 7.8 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | kernel | 5.14.0 | 7.8 | HIGH | Needs Triage | 2023-11-20 10:14:09 | ||
| CentOS 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | Not Vulnerable | 2024-09-03 14:38:58 | ||
| CentOS 7 ELS | kernel | 3.10.0 | 7.8 | HIGH | Not Vulnerable | 2024-07-01 10:18:49 | ||
| CentOS 8.4 ELS | kernel | 4.18.0 | 7.8 | HIGH | Needs Triage | 2023-08-03 00:11:09 | ||
| CentOS 8.5 ELS | kernel | 4.18.0 | 7.8 | HIGH | Needs Triage | 2023-08-03 00:11:07 | ||
| CloudLinux 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | Not Vulnerable | 2024-09-03 14:38:58 | ||
| Oracle Linux 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | Not Vulnerable | 2024-09-03 14:38:56 | ||
| Ubuntu 16.04 ELS | linux | 4.4.0 | 7.8 | HIGH | Needs Triage | 2023-10-26 17:29:40 | ||
| Ubuntu 16.04 ELS | linux-hwe | 4.15.0 | 7.8 | HIGH | Needs Triage | 2023-10-26 17:28:19 | ||
| Ubuntu 18.04 ELS | linux | 4.15.0 | 7.8 | HIGH | Needs Triage | 2023-10-26 17:29:39 |