cve/2024/CVE-2024-56617.md

### [CVE-2024-56617](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56617)
![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=6539cffa94957241c096099a57d05fa4d8c7db8a%3C%2023b5908b11b77ff8d7b8f7b8f11cbab2e1f4bfc2%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

In the Linux kernel, the following vulnerability has been resolved:cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPUCommit  5944ce092b97 ("arch_topology: Build cacheinfo from primary CPU")adds functionality that architectures can use to optionally allocate andbuild cacheinfo early during boot. Commit  6539cffa9495 ("cacheinfo: Add arch specific early level initializer")lets secondary CPUs correct (and reallocate memory) cacheinfo data ifneeded.If the early build functionality is not used and cacheinfo does not needcorrection, memory for cacheinfo is never allocated. x86 does not usethe early build functionality. Consequently, during the cacheinfo CPUhotplug callback, last_level_cache_is_valid() attempts to dereferencea NULL pointer:  BUG: kernel NULL pointer dereference, address: 0000000000000100  #PF: supervisor read access in kernel mode  #PF: error_code(0x0000) - not present page  PGD 0 P4D 0  Oops: 0000 [#1] PREEPMT SMP NOPTI  CPU: 0 PID 19 Comm: cpuhp/0 Not tainted 6.4.0-rc2 #1  RIP: 0010: last_level_cache_is_valid+0x95/0xe0aAllocate memory for cacheinfo during the cacheinfo CPU hotplug callbackif not done earlier.Moreover, before determining the validity of the last-level cache info,ensure that it has been allocated. Simply checking for non-zerocache_leaves() is not sufficient, as some architectures (e.g., Intelprocessors) have non-zero cache_leaves() before allocation.Dereferencing NULL cacheinfo can occur in update_per_cpu_data_slice_size().This function iterates over all online CPUs. However, a CPU may have comeonline recently, but its cacheinfo may not have been allocated yet.While here, remove an unnecessary indentation in allocate_cache_info().  [ bp: Massage. ]

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/cku-heise/euvd-api-doc
Update CVE sources 2025-09-29 16:08 2025-09-29 16:08:36 +00:00			`### [CVE-2024-56617](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56617)`
			`![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=6539cffa94957241c096099a57d05fa4d8c7db8a%3C%2023b5908b11b77ff8d7b8f7b8f11cbab2e1f4bfc2%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			In the Linux kernel, the following vulnerability has been resolved:cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPUCommit 5944ce092b97 ("arch_topology: Build cacheinfo from primary CPU")adds functionality that architectures can use to optionally allocate andbuild cacheinfo early during boot. Commit 6539cffa9495 ("cacheinfo: Add arch specific early level initializer")lets secondary CPUs correct (and reallocate memory) cacheinfo data ifneeded.If the early build functionality is not used and cacheinfo does not needcorrection, memory for cacheinfo is never allocated. x86 does not usethe early build functionality. Consequently, during the cacheinfo CPUhotplug callback, last_level_cache_is_valid() attempts to dereferencea NULL pointer: BUG: kernel NULL pointer dereference, address: 0000000000000100 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not present page PGD 0 P4D 0 Oops: 0000 [#1] PREEPMT SMP NOPTI CPU: 0 PID 19 Comm: cpuhp/0 Not tainted 6.4.0-rc2 #1 RIP: 0010: last_level_cache_is_valid+0x95/0xe0aAllocate memory for cacheinfo during the cacheinfo CPU hotplug callbackif not done earlier.Moreover, before determining the validity of the last-level cache info,ensure that it has been allocated. Simply checking for non-zerocache_leaves() is not sufficient, as some architectures (e.g., Intelprocessors) have non-zero cache_leaves() before allocation.Dereferencing NULL cacheinfo can occur in update_per_cpu_data_slice_size().This function iterates over all online CPUs. However, a CPU may have comeonline recently, but its cacheinfo may not have been allocated yet.While here, remove an unnecessary indentation in allocate_cache_info(). [ bp: Massage. ]

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/cku-heise/euvd-api-doc`