{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-09T23:08:00.879","vulnerabilities":[{"cve":{"id":"CVE-2024-36881","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-05-30T16:15:11.723","lastModified":"2025-04-01T18:34:35.917","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nmm/userfaultfd: reset ptes when close() for wr-protected ones\n\nUserfaultfd unregister includes a step to remove wr-protect bits from all\nthe relevant pgtable entries, but that only covered an explicit\nUFFDIO_UNREGISTER ioctl, not a close() on the userfaultfd itself.  Cover\nthat too.  This fixes a WARN trace.\n\nThe only user visible side effect is the user can observe leftover\nwr-protect bits even if the user close()ed on an userfaultfd when\nreleasing the last reference of it.  However hopefully that should be\nharmless, and nothing bad should happen even if so.\n\nThis change is now more important after the recent page-table-check\npatch we merged in mm-unstable (446dd9ad37d0 (\"mm/page_table_check:\nsupport userfault wr-protect entries\")), as we'll do sanity check on\nuffd-wp bits without vma context.  So it's better if we can 100%\nguarantee no uffd-wp bit leftovers, to make sure each report will be\nvalid."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm/userfaultfd: restablece ptes al cerrar() para los protegidos por wr. Userfaultfd unregister incluye un paso para eliminar los bits de wr-protect de todas las entradas relevantes de pgtable, pero eso solo cubre una UFFDIO_UNREGISTER ioctl explícito, no un close() en el propio userfaultfd. Cubre eso también. Esto corrige un rastro WARN. El único efecto secundario visible para el usuario es que puede observar los bits wr-protect sobrantes incluso si el usuario cerró () en un userfaultfd al liberar la última referencia del mismo. Sin embargo, es de esperar que eso sea inofensivo y, aun así, no debería pasar nada malo. Este cambio ahora es más importante después del reciente parche de verificación de tabla de páginas que fusionamos en mm-unstable (446dd9ad37d0 (\"mm/page_table_check: admite entradas de protección wr de error de usuario\")), ya que haremos una verificación de cordura en uffd-wp. bits sin contexto vma. Por lo tanto, es mejor si podemos garantizar al 100% que no queden restos de bits de uffd-wp, para asegurarnos de que cada informe sea válido."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.19.6","versionEndExcluding":"6.6.31","matchCriteriaId":"513F4557-6F2C-4B5B-B6CA-A7A4B230C56C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.8.10","matchCriteriaId":"6A6B920C-8D8F-4130-86B4-AD334F4CF2E3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*","matchCriteriaId":"22BEDD49-2C6D-402D-9DBF-6646F6ECD10B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*","matchCriteriaId":"DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*","matchCriteriaId":"52048DDA-FC5A-4363-95A0-A6357B4D7F8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*","matchCriteriaId":"A06B2CCF-3F43-4FA9-8773-C83C3F5764B2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.9:rc5:*:*:*:*:*:*","matchCriteriaId":"F850DCEC-E08B-4317-A33B-D2DCF39F601B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.9:rc6:*:*:*:*:*:*","matchCriteriaId":"91326417-E981-482E-A5A3-28BC1327521B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.9:rc7:*:*:*:*:*:*","matchCriteriaId":"DAECDCD8-F556-4606-8D7B-5C6D47A501F2"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/377f3a9a3d032a52325a5b110379a25dd1ab1931","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8d8b68a5b0c9fb23d37df06bb273ead38fd5a29d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c88033efe9a391e72ba6b5df4b01d6e628f4e734","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/377f3a9a3d032a52325a5b110379a25dd1ab1931","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8d8b68a5b0c9fb23d37df06bb273ead38fd5a29d","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c88033efe9a391e72ba6b5df4b01d6e628f4e734","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]}]}}]}