AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2024-26947: In the Linux kernel, the following vulnerability has been resolved: ARM: 9359/1: flush: check if the folio is reserved

mediumvulnerability

security

Source: NVD/CVE DatabaseMay 1, 2024CVE-2024-26947

Summary

A bug in the Linux kernel's ARM architecture code caused system crashes when the kernel tried to flush cache memory (clear temporary copies of data stored near the CPU) for reserved memory addresses that weren't mapped by the kernel. The problem occurred because an earlier change made pfn_valid() (a function that checks if a physical memory address is valid) too permissive, allowing it to accept reserved memory without proper verification.

Solution / Mitigation

Check if the PG_reserved flag (a marker indicating the memory page is reserved) was set before attempting to flush the cache for the address.

Vulnerability Details

CVSS Score

5.5(medium)

EPSS (30-day exploit probability)

EPSS: 0.0%

Classification

Attack SophisticationModerate

Original source: https://nvd.nist.gov/vuln/detail/CVE-2024-26947

First tracked: February 15, 2026 at 08:35 PM

Classified by LLM (prompt v3) · confidence: 95%