VYPR
High severity · 7.1 · NVD Advisory · Published Jul 29, 2024 · Updated May 12, 2026

CVE-2024-42094


Description

In the Linux kernel, the following vulnerability has been resolved:

net/iucv: Avoid explicit cpumask var allocation on stack

For a CONFIG_CPUMASK_OFFSTACK=y kernel, explicit allocation of a cpumask variable on the stack is not recommended since it can cause a potential stack overflow.

Instead, kernel code should always use *cpumask_var API(s) to allocate a cpumask var in a config-neutral way, leaving the allocation strategy to CONFIG_CPUMASK_OFFSTACK.

Use *cpumask_var API(s) to address it.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

CVE-2024-42094 fixes a potential stack overflow in the Linux kernel's net/iucv subsystem by moving from stack-allocated to dynamically allocated cpumask variables.

Vulnerability

CVE-2024-42094 is a security issue in the Linux kernel's net/iucv subsystem, specifically related to the use of CPU mask variables. Prior to the fix, the code allocated a cpumask_t variable directly on the stack. When the kernel is compiled with CONFIG_CPUMASK_OFFSTACK=y, such stack allocation is discouraged because it can lead to a stack overflow [1].

Exploitation

This vulnerability is local in nature and does not require special privileges to trigger. An attacker with local access could potentially exploit the stack overflow by inducing conditions that cause the kernel to use a large CPU mask, overflowing the stack. The attack surface is the Linux kernel's IUCV (Inter-User Communication Vehicle) networking code, which is primarily used on IBM mainframes (S/390) [2].

Impact

Successful exploitation could lead to a denial of service (system crash) or potentially allow an attacker to escalate privileges if the overflow corrupts critical kernel data. The CVSS v3 base score of 7.1 (High) reflects the significant impact given the relatively low attack complexity [1].

Mitigation

The fix was introduced in the Linux kernel via commit be4e1304419c [4]. Using *cpumask_var API functions ensures that the CPU mask is dynamically allocated when CONFIG_CPUMASK_OFFSTACK is enabled, avoiding stack overflows. Users should update to a kernel version containing this patch or apply the relevant backport to affected systems [2].

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
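
The difference between a plain stack cpumask and the `*cpumask_var` API described above, as an added example: a userspace C model, not kernel code and not the patch itself. The two typedefs mirror the kernel's definitions of `cpumask_var_t` in `<linux/cpumask.h>`; the `NR_CPUS` value of 8192, the stand-in `GFP_KERNEL`, and the functions `frame_cost_plain`, `frame_cost_var` and `count_cpu_range` are assumptions made for illustration.

```c
/* Added example: userspace model of cpumask_var_t, not kernel code. */
#include <limits.h>
#include <stdbool.h>
#include <stdlib.h>
#include <string.h>

#define NR_CPUS 8192              /* assumed CPU count, for illustration */
#define CONFIG_CPUMASK_OFFSTACK 1 /* set to 0 to model the on-stack build */
#define GFP_KERNEL 0              /* stand-in; the model ignores gfp flags */
#define BITS_PER_LONG (sizeof(unsigned long) * CHAR_BIT)

struct cpumask { unsigned long bits[NR_CPUS / BITS_PER_LONG]; };

#if CONFIG_CPUMASK_OFFSTACK
typedef struct cpumask *cpumask_var_t;   /* frame holds only a pointer */
static bool alloc_cpumask_var(cpumask_var_t *m, int gfp)
{
    (void)gfp;
    return (*m = malloc(sizeof(struct cpumask))) != NULL;
}
static void free_cpumask_var(cpumask_var_t m) { free(m); }
#else
typedef struct cpumask cpumask_var_t[1]; /* frame holds the whole mask */
static bool alloc_cpumask_var(cpumask_var_t *m, int gfp) { (void)m; (void)gfp; return true; }
static void free_cpumask_var(cpumask_var_t m) { (void)m; }
#endif

/* Frame cost of a plain struct cpumask local vs. a cpumask_var_t local. */
size_t frame_cost_plain(void) { return sizeof(struct cpumask); }
size_t frame_cost_var(void) { return sizeof(cpumask_var_t); }

/* Config-neutral caller: counts CPUs in [first, last], -1 on error. */
int count_cpu_range(unsigned first, unsigned last)
{
    cpumask_var_t mask;
    int n = 0;

    if (first > last || last >= NR_CPUS)
        return -1;
    if (!alloc_cpumask_var(&mask, GFP_KERNEL))
        return -1; /* off-stack allocation can fail and must be handled */
    memset(mask, 0, sizeof(struct cpumask));
    for (unsigned c = first; c <= last; c++)
        mask->bits[c / BITS_PER_LONG] |= 1UL << (c % BITS_PER_LONG);
    for (unsigned c = 0; c < NR_CPUS; c++)
        n += (int)((mask->bits[c / BITS_PER_LONG] >> (c % BITS_PER_LONG)) & 1UL);
    free_cpumask_var(mask);
    return n;
}
```

The body of `count_cpu_range` compiles unchanged with `CONFIG_CPUMASK_OFFSTACK` set to 0 or 1; only the typedef and the allocator decide whether the 1024-byte mask sits in the frame or on the heap.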

Affected products

26

References

12
