{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-41065","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-07-12T12:17:45.628Z","datePublished":"2024-07-29T14:57:27.011Z","dateUpdated":"2026-01-05T10:37:31.242Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-01-05T10:37:31.242Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pseries: Whitelist dtl slub object for copying to userspace\n\nReading the dispatch trace log from /sys/kernel/debug/powerpc/dtl/cpu-*\nresults in a BUG() when the config CONFIG_HARDENED_USERCOPY is enabled as\nshown below.\n\n    kernel BUG at mm/usercopy.c:102!\n    Oops: Exception in kernel mode, sig: 5 [#1]\n    LE PAGE_SIZE=64K MMU=Radix SMP NR_CPUS=2048 NUMA pSeries\n    Modules linked in: xfs libcrc32c dm_service_time sd_mod t10_pi sg ibmvfc\n    scsi_transport_fc ibmveth pseries_wdt dm_multipath dm_mirror dm_region_hash dm_log dm_mod fuse\n    CPU: 27 PID: 1815 Comm: python3 Not tainted 6.10.0-rc3 #85\n    Hardware name: IBM,9040-MRX POWER10 (raw) 0x800200 0xf000006 of:IBM,FW1060.00 (NM1060_042) hv:phyp pSeries\n    NIP:  c0000000005d23d4 LR: c0000000005d23d0 CTR: 00000000006ee6f8\n    REGS: c000000120c078c0 TRAP: 0700   Not tainted  (6.10.0-rc3)\n    MSR:  8000000000029033 <SF,EE,ME,IR,DR,RI,LE>  CR: 2828220f  XER: 0000000e\n    CFAR: c0000000001fdc80 IRQMASK: 0\n    [ ... GPRs omitted ... ]\n    NIP [c0000000005d23d4] usercopy_abort+0x78/0xb0\n    LR [c0000000005d23d0] usercopy_abort+0x74/0xb0\n    Call Trace:\n     usercopy_abort+0x74/0xb0 (unreliable)\n     __check_heap_object+0xf8/0x120\n     check_heap_object+0x218/0x240\n     __check_object_size+0x84/0x1a4\n     dtl_file_read+0x17c/0x2c4\n     full_proxy_read+0x8c/0x110\n     vfs_read+0xdc/0x3a0\n     ksys_read+0x84/0x144\n     system_call_exception+0x124/0x330\n     system_call_vectored_common+0x15c/0x2ec\n    --- interrupt: 3000 at 0x7fff81f3ab34\n\nCommit 6d07d1cd300f (\"usercopy: Restrict non-usercopy caches to size 0\")\nrequires that only whitelisted areas in slab/slub objects can be copied to\nuserspace when usercopy hardening is enabled using CONFIG_HARDENED_USERCOPY.\nDtl contains hypervisor dispatch events which are expected to be read by\nprivileged users. Hence mark this safe for user access.\nSpecify useroffset=0 and usersize=DISPATCH_LOG_BYTES to whitelist the\nentire object."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["arch/powerpc/platforms/pseries/setup.c"],"versions":[{"version":"af442a1baa6d00117cc7e7377ce7e6a545268684","lessThan":"a7b952941ce07e1e7a2cafd08c64a98e14f553e6","status":"affected","versionType":"git"},{"version":"af442a1baa6d00117cc7e7377ce7e6a545268684","lessThan":"6b16098148ea58a67430d90e20476be2377c3acd","status":"affected","versionType":"git"},{"version":"af442a1baa6d00117cc7e7377ce7e6a545268684","lessThan":"e59822f9d700349cd17968d22c979db23a2d347f","status":"affected","versionType":"git"},{"version":"af442a1baa6d00117cc7e7377ce7e6a545268684","lessThan":"1ee68686d1e2a5da35d5650be0be1ce06fe2ceb2","status":"affected","versionType":"git"},{"version":"af442a1baa6d00117cc7e7377ce7e6a545268684","lessThan":"e512a59b472684d8585125101ab03b86c2c1348a","status":"affected","versionType":"git"},{"version":"af442a1baa6d00117cc7e7377ce7e6a545268684","lessThan":"0f5892212c27be31792ef1daa89c8dac1b3047e4","status":"affected","versionType":"git"},{"version":"af442a1baa6d00117cc7e7377ce7e6a545268684","lessThan":"1a14150e1656f7a332a943154fc486504db4d586","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["arch/powerpc/platforms/pseries/setup.c"],"versions":[{"version":"3.0","status":"affected"},{"version":"0","lessThan":"3.0","status":"unaffected","versionType":"semver"},{"version":"5.4.281","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.223","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.164","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.101","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.42","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.9.11","lessThanOrEqual":"6.9.*","status":"unaffected","versionType":"semver"},{"version":"6.10","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0","versionEndExcluding":"5.4.281"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0","versionEndExcluding":"5.10.223"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0","versionEndExcluding":"5.15.164"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0","versionEndExcluding":"6.1.101"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0","versionEndExcluding":"6.6.42"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0","versionEndExcluding":"6.9.11"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0","versionEndExcluding":"6.10"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/a7b952941ce07e1e7a2cafd08c64a98e14f553e6"},{"url":"https://git.kernel.org/stable/c/6b16098148ea58a67430d90e20476be2377c3acd"},{"url":"https://git.kernel.org/stable/c/e59822f9d700349cd17968d22c979db23a2d347f"},{"url":"https://git.kernel.org/stable/c/1ee68686d1e2a5da35d5650be0be1ce06fe2ceb2"},{"url":"https://git.kernel.org/stable/c/e512a59b472684d8585125101ab03b86c2c1348a"},{"url":"https://git.kernel.org/stable/c/0f5892212c27be31792ef1daa89c8dac1b3047e4"},{"url":"https://git.kernel.org/stable/c/1a14150e1656f7a332a943154fc486504db4d586"}],"title":"powerpc/pseries: Whitelist dtl slub object for copying to userspace","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/a7b952941ce07e1e7a2cafd08c64a98e14f553e6","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/6b16098148ea58a67430d90e20476be2377c3acd","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/e59822f9d700349cd17968d22c979db23a2d347f","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/1ee68686d1e2a5da35d5650be0be1ce06fe2ceb2","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/e512a59b472684d8585125101ab03b86c2c1348a","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/0f5892212c27be31792ef1daa89c8dac1b3047e4","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/1a14150e1656f7a332a943154fc486504db4d586","tags":["x_transferred"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T22:00:14.771Z"}},{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2024-41065","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-09-10T16:21:55.941792Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-09-11T17:32:58.163Z"}}]}}