PT-2024-7071 · Linux+6 · Linux Kernel+6

Syzbot

Publicado

2024-07-06

Atualizado

2025-09-29

CVE-2024-41059

CVSS v3.1

7.1

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Nome do software vulnerável e versões afetadas

Kernel do Linux (versões afetadas não especificadas)

Descrição

A vulnerabilidade está relacionada ao uso de memória não inicializada no módulo hfsplus do kernel do Linux. Esse problema pode afetar a confidencialidade e a disponibilidade de informações protegidas. A vulnerabilidade é causada pela função hfsplus listxattr() no arquivo fs/hfsplus/xattr.c. Ao alocar memória para strbuf, a memória não é inicializada com zeros, o que pode levar a um comportamento inesperado. A vulnerabilidade pode ser explorada por um invasor para obter acesso não autorizado a informações confidenciais.

Recomendações

No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

Exploit

Use of Uninitialized Resource

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-908

Identificadores relacionados

ALSA-2025_16880

ALT-PU-2024-10465

ALT-PU-2024-11855

ALT-PU-2024-11863

ALT-PU-2024-12537

ALT-PU-2024-13121

ALT-PU-2024-13979

ALT-PU-2024-14046

BDU:2024-08329

CVE-2024-41059

DLA-4008-1

DSA-5747-1

MGASA-2024-0277

MGASA-2024-0278

OESA-2024-1996

OESA-2024-2076

OESA-2024-2077

OESA-2024-2078

OESA-2024-2185

OPENSUSE-SU-2024_2947-1

OPENSUSE-SU-2024_2948-1

OPENSUSE-SU-2024_3623-1

OPENSUSE-SU-2024_3624-1

OPENSUSE-SU-2024_3625-1

OPENSUSE-SU-2024_3627-1

OPENSUSE-SU-2024_3631-1

OPENSUSE-SU-2024_3632-1

OPENSUSE-SU-2024_3635-1

OPENSUSE-SU-2024_3636-1

OPENSUSE-SU-2024_3638-1

OPENSUSE-SU-2024_3639-1

OPENSUSE-SU-2024_3643-1

OPENSUSE-SU-2024_3648-1

OPENSUSE-SU-2024_3651-1

OPENSUSE-SU-2024_3652-1

OPENSUSE-SU-2024_3655-1

OPENSUSE-SU-2024_3661-1

OPENSUSE-SU-2024_3670-1

OPENSUSE-SU-2024_3672-1

OPENSUSE-SU-2024_3679-1

OPENSUSE-SU-2024_3685-1

OPENSUSE-SU-2024_3690-1

OPENSUSE-SU-2024_3694-1

OPENSUSE-SU-2024_3695-1

OPENSUSE-SU-2024_3696-1

OPENSUSE-SU-2024_3697-1

OPENSUSE-SU-2024_3700-1

OPENSUSE-SU-2024_3701-1

OPENSUSE-SU-2024_3702-1

OPENSUSE-SU-2024_3704-1

OPENSUSE-SU-2024_3706-1

OPENSUSE-SU-2024_3707-1

OPENSUSE-SU-2024_3710-1

OPENSUSE-SU-2024_3774-1

OPENSUSE-SU-2024_3779-1

OPENSUSE-SU-2024_3780-1

OPENSUSE-SU-2024_3793-1

OPENSUSE-SU-2024_3798-1

OPENSUSE-SU-2024_3806-1

OPENSUSE-SU-2024_3814-1

OPENSUSE-SU-2024_3815-1

OPENSUSE-SU-2024_3829-1

OPENSUSE-SU-2024_3830-1

OPENSUSE-SU-2024_3831-1

OPENSUSE-SU-2024_3833-1

OPENSUSE-SU-2024_3836-1

OPENSUSE-SU-2024_3837-1

OPENSUSE-SU-2024_3840-1

OPENSUSE-SU-2024_3842-1

OPENSUSE-SU-2024_3851-1

OPENSUSE-SU-2024_3852-1

OPENSUSE-SU-2024_3854-1

OPENSUSE-SU-2024_3855-1

OPENSUSE-SU-2024_3856-1

OPENSUSE-SU-2024_3857-1

OPENSUSE-SU-2024_3860-1

OPENSUSE-SU-2024_4122-1

OPENSUSE-SU-2024_4123-1

OPENSUSE-SU-2024_4124-1

OPENSUSE-SU-2024_4125-1

OPENSUSE-SU-2024_4127-1

OPENSUSE-SU-2024_4128-1

OPENSUSE-SU-2024_4161-1

OPENSUSE-SU-2024_4180-1

OPENSUSE-SU-2024_4207-1

OPENSUSE-SU-2024_4214-1

OPENSUSE-SU-2024_4216-1

OPENSUSE-SU-2024_4218-1

OPENSUSE-SU-2024_4228-1

OPENSUSE-SU-2024_4234-1

OPENSUSE-SU-2024_4235-1

OPENSUSE-SU-2024_4236-1

OPENSUSE-SU-2024_4243-1

OPENSUSE-SU-2024_4246-1

OPENSUSE-SU-2024_4256-1

OPENSUSE-SU-2024_4262-1

OPENSUSE-SU-2024_4264-1

OPENSUSE-SU-2024_4266-1

OPENSUSE-SU-2024_4275-1

OPENSUSE-SU-2025_0101-1

OPENSUSE-SU-2025_0105-1

OPENSUSE-SU-2025_0106-1

OPENSUSE-SU-2025_0107-1

OPENSUSE-SU-2025_0109-1

OPENSUSE-SU-2025_0110-1

OPENSUSE-SU-2025_0111-1

OPENSUSE-SU-2025_0114-1

OPENSUSE-SU-2025_0115-1

OPENSUSE-SU-2025_0124-1

OPENSUSE-SU-2025_0131-1

OPENSUSE-SU-2025_0137-1

OPENSUSE-SU-2025_0138-1

OPENSUSE-SU-2025_0146-1

OPENSUSE-SU-2025_0150-1

OPENSUSE-SU-2025_0158-1

OPENSUSE-SU-2025_0164-1

OPENSUSE-SU-2025_0238-1

OPENSUSE-SU-2025_0239-1

OPENSUSE-SU-2025_0240-1

OPENSUSE-SU-2025_0243-1

OPENSUSE-SU-2025_0244-1

OPENSUSE-SU-2025_0248-1

OPENSUSE-SU-2025_0249-1

OPENSUSE-SU-2025_0251-1

OPENSUSE-SU-2025_0252-1

OPENSUSE-SU-2025_0253-1

OPENSUSE-SU-2025_0254-1

OPENSUSE-SU-2025_0260-1

OPENSUSE-SU-2025_0261-1

OPENSUSE-SU-2025_0264-1

OPENSUSE-SU-2025_0266-1

SUSE-SU-2024:2892-1

SUSE-SU-2024:2893-1

SUSE-SU-2024:2894-1

SUSE-SU-2024:2901-1

SUSE-SU-2024:2902-1

SUSE-SU-2024:2923-1

SUSE-SU-2024:2929-1

SUSE-SU-2024:2939-1

SUSE-SU-2024:2940-1

SUSE-SU-2024:2947-1

SUSE-SU-2024:2948-1

SUSE-SU-2024:3194-1

SUSE-SU-2024:3195-1

SUSE-SU-2024:3383-1

SUSE-SU-2024:3623-1

SUSE-SU-2024:3624-1

SUSE-SU-2024:3625-1

SUSE-SU-2024:3627-1

SUSE-SU-2024:3631-1

SUSE-SU-2024:3632-1

SUSE-SU-2024:3635-1

SUSE-SU-2024:3636-1

SUSE-SU-2024:3638-1

SUSE-SU-2024:3639-1

SUSE-SU-2024:3640-1

SUSE-SU-2024:3641-1

SUSE-SU-2024:3642-1

SUSE-SU-2024:3643-1

SUSE-SU-2024:3648-1

SUSE-SU-2024:3649-1

SUSE-SU-2024:3651-1

SUSE-SU-2024:3652-1

SUSE-SU-2024:3655-1

SUSE-SU-2024:3660-1

SUSE-SU-2024:3661-1

SUSE-SU-2024:3662-1

SUSE-SU-2024:3663-1

SUSE-SU-2024:3670-1

SUSE-SU-2024:3672-1

SUSE-SU-2024:3674-1

SUSE-SU-2024:3676-1

SUSE-SU-2024:3679-1

SUSE-SU-2024:3685-1

SUSE-SU-2024:3687-1

SUSE-SU-2024:3690-1

SUSE-SU-2024:3694-1

SUSE-SU-2024:3695-1

SUSE-SU-2024:3696-1

SUSE-SU-2024:3697-1

SUSE-SU-2024:3698-1

SUSE-SU-2024:3700-1

SUSE-SU-2024:3701-1

SUSE-SU-2024:3702-1

SUSE-SU-2024:3704-1

SUSE-SU-2024:3706-1

SUSE-SU-2024:3707-1

SUSE-SU-2024:3710-1

SUSE-SU-2024:3768-1

SUSE-SU-2024:3774-1

SUSE-SU-2024:3779-1

SUSE-SU-2024:3780-1

SUSE-SU-2024:3793-1

SUSE-SU-2024:3796-1

SUSE-SU-2024:3798-1

SUSE-SU-2024:3800-1

SUSE-SU-2024:3803-1

SUSE-SU-2024:3806-1

SUSE-SU-2024:3814-1

SUSE-SU-2024:3815-1

SUSE-SU-2024:3820-1

SUSE-SU-2024:3821-1

SUSE-SU-2024:3822-1

SUSE-SU-2024:3829-1

SUSE-SU-2024:3830-1

SUSE-SU-2024:3831-1

SUSE-SU-2024:3833-1

SUSE-SU-2024:3836-1

SUSE-SU-2024:3837-1

SUSE-SU-2024:3840-1

SUSE-SU-2024:3842-1

SUSE-SU-2024:3849-1

SUSE-SU-2024:3851-1

SUSE-SU-2024:3852-1

SUSE-SU-2024:3854-1

SUSE-SU-2024:3855-1

SUSE-SU-2024:3856-1

SUSE-SU-2024:3857-1

SUSE-SU-2024:3860-1

SUSE-SU-2024:4122-1

SUSE-SU-2024:4123-1

SUSE-SU-2024:4124-1

SUSE-SU-2024:4125-1

SUSE-SU-2024:4127-1

SUSE-SU-2024:4128-1

SUSE-SU-2024:4161-1

SUSE-SU-2024:4180-1

SUSE-SU-2024:4197-1

SUSE-SU-2024:4207-1

SUSE-SU-2024:4214-1

SUSE-SU-2024:4216-1

SUSE-SU-2024:4218-1

SUSE-SU-2024:4219-1

SUSE-SU-2024:4226-1

SUSE-SU-2024:4228-1

SUSE-SU-2024:4231-1

SUSE-SU-2024:4234-1

SUSE-SU-2024:4235-1

SUSE-SU-2024:4236-1

SUSE-SU-2024:4242-1

SUSE-SU-2024:4243-1

SUSE-SU-2024:4246-1

SUSE-SU-2024:4248-1

SUSE-SU-2024:4249-1

SUSE-SU-2024:4250-1

SUSE-SU-2024:4256-1

SUSE-SU-2024:4262-1

SUSE-SU-2024:4263-1

SUSE-SU-2024:4264-1

SUSE-SU-2024:4266-1

SUSE-SU-2024:4275-1

SUSE-SU-2025:0089-1

SUSE-SU-2025:0091-1

SUSE-SU-2025:0097-1

SUSE-SU-2025:0101-1

SUSE-SU-2025:0103-1

SUSE-SU-2025:0105-1

SUSE-SU-2025:0106-1

SUSE-SU-2025:0107-1

SUSE-SU-2025:0109-1

SUSE-SU-2025:0110-1

SUSE-SU-2025:0111-1

SUSE-SU-2025:0114-1

SUSE-SU-2025:0115-1

SUSE-SU-2025:0124-1

SUSE-SU-2025:0131-1

SUSE-SU-2025:0137-1

SUSE-SU-2025:0138-1

SUSE-SU-2025:0146-1

SUSE-SU-2025:0150-1

SUSE-SU-2025:0158-1

SUSE-SU-2025:0164-1

SUSE-SU-2025:0238-1

SUSE-SU-2025:0239-1

SUSE-SU-2025:0240-1

SUSE-SU-2025:0243-1

SUSE-SU-2025:0244-1

SUSE-SU-2025:0248-1

SUSE-SU-2025:0249-1

SUSE-SU-2025:0251-1

SUSE-SU-2025:0252-1

SUSE-SU-2025:0253-1

SUSE-SU-2025:0254-1

SUSE-SU-2025:0260-1

SUSE-SU-2025:0261-1

SUSE-SU-2025:0264-1

SUSE-SU-2025:0266-1

SUSE-SU-2025:20044-1

SUSE-SU-2025:20047-1

USN-7088-1

USN-7088-2

USN-7088-3

USN-7088-4

USN-7088-5

USN-7089-1

USN-7089-2

USN-7089-3

USN-7089-4

USN-7089-5

USN-7089-6

USN-7089-7

USN-7090-1

USN-7095-1

USN-7100-1

USN-7100-2

USN-7119-1

USN-7121-1

USN-7121-2

USN-7121-3

USN-7123-1

USN-7144-1

USN-7148-1

USN-7156-1

USN-7194-1

Produtos afetados

Alt Linux

Astra Linux

Linuxmint

Linux Kernel

Red Os

Suse

Ubuntu

PT-2024-7071 · Linux+6 · Linux Kernel+6

CVE-2024-41059

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3536