CVE-2024-0841: 
Linux Kernel vulnerability analysis and mitigation

A null pointer dereference vulnerability (CVE-2024-0841) was discovered in the hugetlbfs_fill_super function of the Linux kernel's HugeTLB pages functionality. The vulnerability was disclosed on January 28, 2024, affecting Linux kernel versions from 5.1 through 6.1.79 (NVD, Red Hat).

The vulnerability occurs when attempting to update the pagesize value to an invalid size using the fsconfig syscall. When hugetlbfs_parse_param() is called, it sets the hstate value to null if an invalid page size is provided. Subsequently, if another fsconfig syscall is made with the FSCONFIG_CMD_CREATE option, the system attempts to dereference that null pointer within hugetlbfs_fill_super(), causing a kernel panic. The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) by NIST, while Red Hat assessed it with a score of 6.6 (MEDIUM) (NVD).

This vulnerability may allow a local user with appropriate privileges to crash the system (denial of service) or potentially escalate their privileges on the affected system (Red Hat).

The vulnerability has been fixed in multiple Linux distributions through security updates. Red Hat has addressed this in RHEL 9 via RHSA-2024:2394 and RHEL 8 via RHSA-2024:2950 and RHSA-2024:3138. Debian has also included fixes in their security updates (Red Hat, Debian).