PT-2024-9882 · Linux +11 · Linux Kernel +11
Hyunwoo Kim
·
Published
2024-10-21
·
Updated
2025-10-24
·
CVE-2024-50264
CVSS v3.1
7.8
7.8
High
| Base vector | Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The issue is related to the initialization of a dangling pointer in the vsock/virtio module, potentially leading to a Use-After-Free condition. This could allow an attacker to cause a denial of service or possibly execute arbitrary code. The vulnerability is resolved by initializing the pointer to NULL. It is estimated that over 55.7 million services may be affected. The vulnerability has been exploited in real-world incidents, including a demonstration at Zer0Con 2025 using the kernel-hack-drill open-source project.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
LPE
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com
Weakness Enumeration
Related Identifiers
ALSA-2024:10943
ALSA-2024:10944
ALSA-2025:2627
ALT-PU-2024-16040
ALT-PU-2024-17099
ALT-PU-2024-17254
ASB-A-378870958
BDU:2024-11660
CESA-2024_10943
CESA-2024_10944
CVE-2024-50264
DLA-4008-1
DLA-4075-1
DSA-5818-1
INFSA-2024_10943
INFSA-2024_10944
INFSA-2025_2627
LSN-0108-1
LSN-0109-1
OESA-2024-2522
OESA-2025-1033
OESA-2025-1034
OESA-2025-1035
OESA-2025-1037
OPENSUSE-SU-2024_4313-1
OPENSUSE-SU-2024_4314-1
OPENSUSE-SU-2024_4315-1
OPENSUSE-SU-2024_4316-1
OPENSUSE-SU-2024_4346-1
OPENSUSE-SU-2024_4376-1
OPENSUSE-SU-2025_0098-1
OPENSUSE-SU-2025_0101-1
OPENSUSE-SU-2025_0105-1
OPENSUSE-SU-2025_0106-1
OPENSUSE-SU-2025_0107-1
OPENSUSE-SU-2025_0108-1
OPENSUSE-SU-2025_0109-1
OPENSUSE-SU-2025_0110-1
OPENSUSE-SU-2025_0111-1
OPENSUSE-SU-2025_0112-1
OPENSUSE-SU-2025_0114-1
OPENSUSE-SU-2025_0115-1
OPENSUSE-SU-2025_0123-1
OPENSUSE-SU-2025_0124-1
OPENSUSE-SU-2025_0131-1
OPENSUSE-SU-2025_0132-1
OPENSUSE-SU-2025_0136-1
OPENSUSE-SU-2025_0137-1
OPENSUSE-SU-2025_0138-1
OPENSUSE-SU-2025_0146-1
OPENSUSE-SU-2025_0150-1
OPENSUSE-SU-2025_0158-1
OPENSUSE-SU-2025_0164-1
OPENSUSE-SU-2025_0168-1
OPENSUSE-SU-2025_0172-1
OPENSUSE-SU-2025_0173-1
OPENSUSE-SU-2025_0177-1
OPENSUSE-SU-2025_0179-1
OPENSUSE-SU-2025_0180-1
OPENSUSE-SU-2025_0181-1
OPENSUSE-SU-2025_0184-1
OPENSUSE-SU-2025_0185-1
OPENSUSE-SU-2025_0187-1
OPENSUSE-SU-2025_0188-1
OPENSUSE-SU-2025_0238-1
OPENSUSE-SU-2025_0239-1
OPENSUSE-SU-2025_0240-1
OPENSUSE-SU-2025_0243-1
OPENSUSE-SU-2025_0244-1
OPENSUSE-SU-2025_0245-1
OPENSUSE-SU-2025_0246-1
OPENSUSE-SU-2025_0248-1
OPENSUSE-SU-2025_0249-1
OPENSUSE-SU-2025_0251-1
OPENSUSE-SU-2025_0252-1
OPENSUSE-SU-2025_0253-1
OPENSUSE-SU-2025_0254-1
OPENSUSE-SU-2025_0255-1
OPENSUSE-SU-2025_0260-1
OPENSUSE-SU-2025_0261-1
OPENSUSE-SU-2025_0262-1
OPENSUSE-SU-2025_0264-1
OPENSUSE-SU-2025_0265-1
OPENSUSE-SU-2025_0266-1
RHSA-2024:10943
RHSA-2024:10944
RHSA-2024_10943
RHSA-2024_10944
RHSA-2025:2627
RHSA-2025:3510
RHSA-2025_2627
RLSA-2024:10943
RLSA-2024:10944
SUSE-SU-2024:4313-1
SUSE-SU-2024:4314-1
SUSE-SU-2024:4315-1
SUSE-SU-2024:4316-1
SUSE-SU-2024:4317-1
SUSE-SU-2024:4318-1
SUSE-SU-2024:4345-1
SUSE-SU-2024:4346-1
SUSE-SU-2024:4364-1
SUSE-SU-2024:4367-1
SUSE-SU-2024:4376-1
SUSE-SU-2024:4387-1
SUSE-SU-2024:4388-1
SUSE-SU-2025:0035-1
SUSE-SU-2025:0083-1
SUSE-SU-2025:0084-1
SUSE-SU-2025:0085-1
SUSE-SU-2025:0089-1
SUSE-SU-2025:0090-1
SUSE-SU-2025:0091-1
SUSE-SU-2025:0094-1
SUSE-SU-2025:0097-1
SUSE-SU-2025:0098-1
SUSE-SU-2025:0100-1
SUSE-SU-2025:0101-1
SUSE-SU-2025:0103-1
SUSE-SU-2025:0105-1
SUSE-SU-2025:0106-1
SUSE-SU-2025:0107-1
SUSE-SU-2025:0108-1
SUSE-SU-2025:0109-1
SUSE-SU-2025:0110-1
SUSE-SU-2025:0111-1
SUSE-SU-2025:0112-1
SUSE-SU-2025:0114-1
SUSE-SU-2025:0115-1
SUSE-SU-2025:0123-1
SUSE-SU-2025:0124-1
SUSE-SU-2025:0131-1
SUSE-SU-2025:0132-1
SUSE-SU-2025:0136-1
SUSE-SU-2025:0137-1
SUSE-SU-2025:0138-1
SUSE-SU-2025:0146-1
SUSE-SU-2025:0150-1
SUSE-SU-2025:0158-1
SUSE-SU-2025:0164-1
SUSE-SU-2025:0168-1
SUSE-SU-2025:0172-1
SUSE-SU-2025:0173-1
SUSE-SU-2025:0177-1
SUSE-SU-2025:0179-1
SUSE-SU-2025:0180-1
SUSE-SU-2025:0181-1
SUSE-SU-2025:0184-1
SUSE-SU-2025:0185-1
SUSE-SU-2025:0187-1
SUSE-SU-2025:0188-1
SUSE-SU-2025:0238-1
SUSE-SU-2025:0239-1
SUSE-SU-2025:0240-1
SUSE-SU-2025:0243-1
SUSE-SU-2025:0244-1
SUSE-SU-2025:0245-1
SUSE-SU-2025:0246-1
SUSE-SU-2025:0248-1
SUSE-SU-2025:0249-1
SUSE-SU-2025:0251-1
SUSE-SU-2025:0252-1
SUSE-SU-2025:0253-1
SUSE-SU-2025:0254-1
SUSE-SU-2025:0255-1
SUSE-SU-2025:0260-1
SUSE-SU-2025:0261-1
SUSE-SU-2025:0262-1
SUSE-SU-2025:0264-1
SUSE-SU-2025:0265-1
SUSE-SU-2025:0266-1
SUSE-SU-2025:0269-1
USN-7167-1
USN-7167-2
USN-7169-1
USN-7169-2
USN-7169-3
USN-7169-4
USN-7169-5
USN-7170-1
USN-7173-1
USN-7173-2
USN-7173-3
USN-7179-1
USN-7179-2
USN-7179-3
USN-7179-4
USN-7185-1
USN-7185-2
USN-7186-1
USN-7186-2
USN-7194-1
USN-7195-1
USN-7195-2
USN-7196-1
USN-7413-1
Affected Products
Alt Linux
Almalinux
Astra Linux
Centos
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu
References · 6658
- 🔥 https://github.com/lanleft/CVE-2023-1829⭐ 71 🔗 15 · Exploit
- https://ubuntu.com/security/CVE-2024-46751 · Vendor Advisory
- https://ubuntu.com/security/CVE-2024-57938 · Vendor Advisory
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42281 · Security Note
- https://ubuntu.com/security/CVE-2024-41098 · Vendor Advisory
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42240 · Security Note
- https://nvd.nist.gov/vuln/detail/CVE-2024-46808 · Security Note
- https://nvd.nist.gov/vuln/detail/CVE-2024-56691 · Security Note
- https://bdu.fstec.ru/vul/2023-09114 · Security Note
- https://bdu.fstec.ru/vul/2025-03430 · Security Note
- https://bdu.fstec.ru/vul/2025-08066 · Security Note
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46850 · Security Note
- https://ubuntu.com/security/CVE-2024-49851 · Vendor Advisory
- https://bdu.fstec.ru/vul/2025-03406 · Security Note
- https://bdu.fstec.ru/vul/2024-07705 · Security Note