Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved:

um: Fix potential integer overflow during physmem setup

This issue happens when the real map size is greater than LONG_MAX, which can be easily triggered on UML/i386.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 4.1, < 5.4.287 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/1575df968650d11771359e5ac78278c5b0cc19f3 (Patch)
- https://git.kernel.org/stable/c/1bd118c5f887802cef2d9ba0d1917258667f1cae (Patch)
- https://git.kernel.org/stable/c/5c710f45811e7e2bfcf703980c306f19c7e1ecfe (Patch)
- https://git.kernel.org/stable/c/a875c023155ea92b75d6323977003e64d92ae7fc (Patch)
- https://git.kernel.org/stable/c/a98b7761f697e590ed5d610d87fa12be66f23419 (Patch)
- https://git.kernel.org/stable/c/a9c95f787b88b29165563fd97761032db77116e7 (Patch)
- https://git.kernel.org/stable/c/d1a211e5210d31da8f49fc0021bf7129b726468c (Patch)
- https://git.kernel.org/stable/c/e6102b72edc4eb8c0858df00ba74b5ce579c8fa2 (Patch)
- https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
FAQ
What is CVE-2024-53145?
CVE-2024-53145 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: um: Fix potential integer overflow during physmem setup This issue happens when the real map size is greater than LONG_MAX, which ...
How severe is CVE-2024-53145?
CVE-2024-53145 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2024-53145?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.