CVE-2024-47674: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-47674 affects the Linux kernel's memory management subsystem, specifically related to PFN (Page Frame Number) mappings. The vulnerability was discovered and reported by Jann Horn, and was disclosed in October 2024. The issue affects multiple versions of the Linux kernel up to versions 5.15.168, 6.1.111, 6.6.52, and 6.10.11 (NVD).

The vulnerability stems from improper cleanup handling in PFN mappings. Unlike normal memory mappings, PFN mappings lack lifetime information and reference counting of struct pages. This can lead to situations where error handling is performed in the wrong order, potentially resulting in stale dangling PTE entries when physical backing store is freed before page tables are cleaned up. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (Medium) with vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability can result in a partial pfn range mapping that is dangerous because it does not maintain page reference counts. This could lead to memory management issues where callers may free pages due to errors while stale page table entries still exist, potentially causing system instability or denial of service conditions (Kernel Patch).

The issue has been fixed in the Linux kernel through a patch that ensures partial pfn mapping is torn down early, before any other error handling occurs. Users should update their Linux kernel to versions that include the fix. The patch has been backported to multiple stable kernel branches (Kernel Patch).