{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T06:58:40.364","vulnerabilities":[{"cve":{"id":"CVE-2024-38661","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-06-25T15:15:13.630","lastModified":"2024-11-21T09:26:34.737","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ns390/ap: Fix crash in AP internal function modify_bitmap()\n\nA system crash like this\n\n  Failing address: 200000cb7df6f000 TEID: 200000cb7df6f403\n  Fault in home space mode while using kernel ASCE.\n  AS:00000002d71bc007 R3:00000003fe5b8007 S:000000011a446000 P:000000015660c13d\n  Oops: 0038 ilc:3 [#1] PREEMPT SMP\n  Modules linked in: mlx5_ib ...\n  CPU: 8 PID: 7556 Comm: bash Not tainted 6.9.0-rc7 #8\n  Hardware name: IBM 3931 A01 704 (LPAR)\n  Krnl PSW : 0704e00180000000 0000014b75e7b606 (ap_parse_bitmap_str+0x10e/0x1f8)\n  R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:2 PM:0 RI:0 EA:3\n  Krnl GPRS: 0000000000000001 ffffffffffffffc0 0000000000000001 00000048f96b75d3\n  000000cb00000100 ffffffffffffffff ffffffffffffffff 000000cb7df6fce0\n  000000cb7df6fce0 00000000ffffffff 000000000000002b 00000048ffffffff\n  000003ff9b2dbc80 200000cb7df6fcd8 0000014bffffffc0 000000cb7df6fbc8\n  Krnl Code: 0000014b75e7b5fc: a7840047            brc     8,0000014b75e7b68a\n  0000014b75e7b600: 18b2                lr      %r11,%r2\n  #0000014b75e7b602: a7f4000a            brc     15,0000014b75e7b616\n  >0000014b75e7b606: eb22d00000e6        laog    %r2,%r2,0(%r13)\n  0000014b75e7b60c: a7680001            lhi     %r6,1\n  0000014b75e7b610: 187b                lr      %r7,%r11\n  0000014b75e7b612: 84960021            brxh    %r9,%r6,0000014b75e7b654\n  0000014b75e7b616: 18e9                lr      %r14,%r9\n  Call Trace:\n  [<0000014b75e7b606>] ap_parse_bitmap_str+0x10e/0x1f8\n  ([<0000014b75e7b5dc>] ap_parse_bitmap_str+0xe4/0x1f8)\n  [<0000014b75e7b758>] apmask_store+0x68/0x140\n  [<0000014b75679196>] kernfs_fop_write_iter+0x14e/0x1e8\n  [<0000014b75598524>] vfs_write+0x1b4/0x448\n  [<0000014b7559894c>] ksys_write+0x74/0x100\n  [<0000014b7618a440>] __do_syscall+0x268/0x328\n  [<0000014b761a3558>] system_call+0x70/0x98\n  INFO: lockdep is turned off.\n  Last Breaking-Event-Address:\n  [<0000014b75e7b636>] ap_parse_bitmap_str+0x13e/0x1f8\n  Kernel panic - not syncing: Fatal exception: panic_on_oops\n\noccured when /sys/bus/ap/a[pq]mask was updated with a relative mask value\n(like +0x10-0x12,+60,-90) with one of the numeric values exceeding INT_MAX.\n\nThe fix is simple: use unsigned long values for the internal variables. The\ncorrect checks are already in place in the function but a simple int for\nthe internal variables was used with the possibility to overflow."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: s390/ap: Se corrigió el fallo en la función interna del AP modificar_bitmap() Un fallo del sistema como este Dirección de error: 200000cb7df6f000 TEID: 200000cb7df6f403 Fallo en el modo de espacio de inicio al usar el kernel ASCE. AS:00000002d71bc007 R3:00000003fe5b8007 S:000000011a446000 P:000000015660c13d Ups: 0038 ilc:3 [#1] Módulos SMP PREEMPT vinculados en: mlx5_ib... CPU: 8 PID: 7556 Comm: bash No contaminado 6.9.0-rc7 #8 Nombre de hardware: IBM 3931 A01 704 (LPAR) Krnl PSW: 0704e00180000000 0000014b75e7b606 (ap_parse_bitmap_str+0x10e/0x1f8) R:0 T:1 IO:1 EX:1 Clave:0 M:1 W:0 P:0 AS:3 CC :2 PM:0 RI:0 EA:3 Krnl GPRS: 0000000000000001 ffffffffffffffc0 000000000000001 00000048f96b75d3 000000cb00000100 ffffffffffffffff ffffffffffffffff 000000cb7 df6fce0 000000cb7df6fce0 00000000ffffffff 000000000000002b 00000048ffffffff 000003ff9b2dbc80 200000cb7df6fcd8 0000014bffffffc0 000000cb7df6fbc8 K Código rnl: 0000014b75e7b5fc: a7840047 brc 8,0000014b75e7b68a 0000014b75e7b600: 18b2 lr %r11,%r2 # 0000014b75e7b602: a7f4000a brc 15,0000014b75e7b616 &gt;0000014b75e7b606: eb22d00000e6 laog %r2,%r2,0(%r13) 0000014b75e7b60c: a7680001 l hola %r6,1 0000014b75e7b610: 187b lr %r7,%r11 0000014b75e7b612: 84960021 brxh %r9,%r6, 0000014b75e7b654 0000014b75e7b616: 18e9 lr %r14,%r9 Seguimiento de llamadas: [&lt;0000014b75e7b606&gt;] ap_parse_bitmap_str+0x10e/0x1f8 ([&lt;0000014b75e7b5dc&gt;] bitmap_str+0xe4/0x1f8) [&lt;0000014b75e7b758&gt;] apmask_store+0x68/0x140 [&lt;0000014b75679196&gt;] kernfs_fop_write_iter+0x14e/0x1e8 [&lt;0000014b75598524&gt;] vfs_write+0x1b4/0x448 [&lt;0000014b7559894c&gt;] ksys_write+0x74/0x100 [&lt;0000014b7618a440&gt;] syscall+0x268/0x328 [&lt;0000014b761a3558&gt;] system_call+0x70/0x98 INFORMACIÓN: lockdep está activado apagado. Última dirección del último evento de última hora: [&lt;0000014b75e7b636&gt;] ap_parse_bitmap_str+0x13e/0x1f8 Pánico del kernel: no se sincroniza: Excepción fatal: pánico_on_oops ocurrió cuando /sys/bus/ap/a[pq]mask se actualizó con un valor de máscara relativo (como +0x10-0x12,+60,-90) con uno de los valores numéricos que excede INT_MAX. La solución es simple: use valores largos sin signo para las variables internas. Las comprobaciones correctas ya están implementadas en la función, pero se usó un int simple para las variables internas con posibilidad de desbordamiento."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"4.19.316","matchCriteriaId":"86D353F1-8F3A-45CF-8A7A-0DB46F77D2BF"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"5.4.278","matchCriteriaId":"7FDBF235-DA18-49A1-8690-6C7272FD0701"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"5.10.219","matchCriteriaId":"E9063AF3-D593-43B7-810D-58B87F82F9F9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.161","matchCriteriaId":"31130639-53FE-4726-8986-434EE2528CB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.94","matchCriteriaId":"9D20DE32-76F8-4E4C-A8DF-5B53082D18E5"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.34","matchCriteriaId":"6BD9DCFD-0342-4039-B8CE-70F26DB7173B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.9.5","matchCriteriaId":"8366481F-770F-4850-9D0F-2977BD97D5C5"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/2062e3f1f2374102f8014d7ca286b9aa527bd558","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4c0bfb4e867c1ec6616a5049bd3618021e127056","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/67011123453b91ec03671d40712fa213e94a01b9","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7360cef95aa1ea2b5efb7b5e2ed32e941664e1f0","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7c72af16abf2ec7520407098360bbba312289e05","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7dabe54a016defe11bb2a278cd9f1ff6db3feba6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8c5f5911c1b13170d3404eb992c6a0deaa8d81ad","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d4f9d5a99a3fd1b1c691b7a1a6f8f3f25f4116c9","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2062e3f1f2374102f8014d7ca286b9aa527bd558","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4c0bfb4e867c1ec6616a5049bd3618021e127056","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/67011123453b91ec03671d40712fa213e94a01b9","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7360cef95aa1ea2b5efb7b5e2ed32e941664e1f0","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7c72af16abf2ec7520407098360bbba312289e05","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7dabe54a016defe11bb2a278cd9f1ff6db3feba6","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8c5f5911c1b13170d3404eb992c6a0deaa8d81ad","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d4f9d5a99a3fd1b1c691b7a1a6f8f3f25f4116c9","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]}]}}]}