CVE-2024-56677: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved:

powerpc/fadump: Move fadump_cma_init to setup_arch() after initmem_init()

During early init CMA_MIN_ALIGNMENT_BYTES can be PAGE_SIZE, since pageblock_order is still zero and it gets initialized later during initmem_init() e.g.
    setup_arch() -> initmem_init() -> sparse_init() -> set_pageblock_order()

One such use case where this causes issue is -
    early_setup() -> early_init_devtree() -> fadump_reserve_mem() -> fadump_cma_init()

This causes CMA memory alignment check to be bypassed in cma_init_reserved_mem(). Then later cma_activate_area() can hit a VM_BUG_ON_PAGE(pfn & ((1 << order) - 1)) if the reserved memory area was not pageblock_order aligned.

Fix it by moving the fadump_cma_init() after initmem_init(), where other such cma reservations also gets called.

<stack trace>
==============
    page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10010
    flags: 0x13ffff800000000(node=1|zone=0|lastcpupid=0x7ffff)
    CMA
    raw: 013ffff800000000 5deadbeef0000100 5deadbeef0000122 0000000000000000
    raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
    page dumped because: VM_BUG_ON_PAGE(pfn & ((1 << order) - 1))
    ------------[ cut here ]------------
    kernel BUG at mm/page_alloc.c:778!

    Call Trace:
    __free_one_page+0x57c/0x7b0 (unreliable)
    free_pcppages_bulk+0x1a8/0x2c8
    free_unref_page_commit+0x3d4/0x4e4
    free_unref_page+0x458/0x6d0
    init_cma_reserved_pageblock+0x114/0x198
    cma_init_reserved_areas+0x270/0x3e0
    do_one_initcall+0x80/0x2f8
    kernel_init_freeable+0x33c/0x530
    kernel_init+0x34/0x26c
    ret_from_kernel_user_thread+0x14/0x1c
AI Analysis
Technical Summary
CVE-2024-56677 is a vulnerability identified in the Linux kernel specifically related to the powerpc architecture's firmware-assisted dump (fadump) feature. The issue arises from the improper initialization sequence of the contiguous memory allocator (CMA) reserved memory area during early system initialization. In detail, the function fadump_cma_init() is called before the initmem_init() function, which is responsible for setting the pageblock_order value. Because pageblock_order remains zero at this early stage, the CMA_MIN_ALIGNMENT_BYTES is incorrectly set to PAGE_SIZE, causing the CMA memory alignment checks to be bypassed in cma_init_reserved_mem(). This misalignment leads to a potential kernel BUG triggered by cma_activate_area() when it encounters a reserved memory area that is not aligned according to the pageblock_order. The kernel panic is evidenced by a VM_BUG_ON_PAGE assertion failure, indicating a critical memory management error. The fix involves moving the fadump_cma_init() call to occur after initmem_init(), ensuring that pageblock_order is properly initialized before CMA memory reservations are processed. This vulnerability affects Linux kernel versions identified by the commit hash 11ac3e87ce09c27f4587a8c4fe0829d814021a82 and relates to the powerpc architecture's fadump functionality. No known exploits are currently reported in the wild, and no CVSS score has been assigned yet.
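Added example (not from the advisory or the kernel source): a user-space C model of the ordering problem described above, showing the alignment check accepting a region while pageblock_order is zero and the later VM_BUG_ON_PAGE expression becoming nonzero. The 64 KiB page size, the final pageblock_order of 8, the region size and the helper names are assumptions; pfn 0x10010 is the page shown in the stack trace.

```c
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT 16u                 /* assumption: 64 KiB pages */
#define PAGE_SIZE  (1ull << PAGE_SHIFT)
#define FINAL_PAGEBLOCK_ORDER 8u       /* assumption: value after set_pageblock_order() */

/* Model of the kernel variable: zero until initmem_init() has run. */
static unsigned int pageblock_order;

/* CMA_MIN_ALIGNMENT_BYTES modelled as PAGE_SIZE << pageblock_order. */
static uint64_t cma_min_alignment_bytes(void)
{
    return PAGE_SIZE << pageblock_order;
}

/* Model of the alignment test in cma_init_reserved_mem():
 * 0 = region accepted, -1 = rejected as misaligned. */
static int cma_alignment_check(uint64_t base, uint64_t size)
{
    uint64_t mask = cma_min_alignment_bytes() - 1;
    return ((base | size) & mask) ? -1 : 0;
}

/* Expression asserted by VM_BUG_ON_PAGE(pfn & ((1 << order) - 1)); nonzero = BUG. */
static uint64_t bug_on_bits(uint64_t pfn, unsigned int order)
{
    return pfn & ((1ull << order) - 1);
}

/* Hypothetical helper: run the check as if called at the given point of boot. */
static int check_with_order(unsigned int order, uint64_t base, uint64_t size)
{
    pageblock_order = order;
    return cma_alignment_check(base, size);
}

int main(void)
{
    uint64_t pfn  = 0x10010;                 /* pfn from the stack trace */
    uint64_t base = pfn << PAGE_SHIFT;
    uint64_t size = 0x40ull << PAGE_SHIFT;   /* constructed: 64 pages */

    printf("early init (order 0):  check=%d\n", check_with_order(0, base, size));
    printf("at activation:         pfn & mask = 0x%llx\n",
           (unsigned long long)bug_on_bits(pfn, FINAL_PAGEBLOCK_ORDER));
    printf("after initmem_init():  check=%d\n",
           check_with_order(FINAL_PAGEBLOCK_ORDER, base, size));
    return 0;
}
```

With pageblock_order initialized, the same region is rejected by the check instead of reaching page activation, which is the effect of calling fadump_cma_init() after initmem_init().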
Potential Impact
For European organizations, this vulnerability primarily impacts systems running Linux kernels on powerpc architectures with the fadump feature enabled. While powerpc is less common than x86_64 in typical enterprise environments, it is used in certain specialized servers, embedded systems, and legacy infrastructure. The vulnerability can cause kernel panics and system crashes due to memory management faults, leading to denial of service (DoS) conditions. This can disrupt critical services, especially in environments relying on high availability and stability, such as telecommunications, industrial control systems, and research institutions using powerpc-based hardware. Although no direct remote code execution or privilege escalation is indicated, the denial of service impact can be severe, potentially causing downtime and requiring manual intervention to recover affected systems. The lack of known exploits reduces immediate risk, but the vulnerability's presence in kernel memory management means that any exploitation or triggering of the bug could have significant operational consequences.
Mitigation Recommendations
European organizations should prioritize updating their Linux kernels to versions where this vulnerability is patched, specifically ensuring that the fix moving fadump_cma_init() after initmem_init() is applied. For systems where upgrading the kernel is not immediately feasible, disabling the fadump feature on powerpc systems can mitigate the risk by preventing the vulnerable code path from executing. Additionally, organizations should audit their infrastructure to identify any powerpc-based Linux systems with fadump enabled and monitor system logs for kernel BUG or VM_BUG_ON_PAGE messages indicative of this issue. Implementing robust system monitoring and alerting for kernel panics will help detect potential exploitation or triggering of this vulnerability early. Finally, testing kernel updates in controlled environments before deployment can prevent unexpected downtime due to kernel instability.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2024-12-27T15:00:39.845Z
- Cisa Enriched: false
- Cvss Version: null
- State: PUBLISHED
Threat ID: 682d9822c4522896dcbde4fc
Added to database: 5/21/2025, 9:08:50 AM
Last enriched: 6/28/2025, 6:54:48 AM
Last updated: 8/1/2025, 12:22:40 AM