PT-2024-10204 · Linux+6 · Linux Kernel+6

Jann Horn

·

Published

2024-11-05

·

Updated

2025-10-08

·

CVE-2024-53148

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to the Linux kernel and involves a problem with partial mappings in the error case for the comedi subsystem. If some remap pfn range() calls succeed before one fails, buffer pages remain mapped into the userspace page tables when the buffer reference is dropped with comedi buf map put(bm). These mappings are only cleaned up later in the mmap error path. The fix involves explicitly flushing all mappings in the VMA on the error path.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

BDU:2025-00533
CVE-2024-53148
DLA-4075-1
DLA-4076-1
OESA-2025-1158
OESA-2025-1162
OESA-2025-1286
OPENSUSE-SU-2025_0117-1
OPENSUSE-SU-2025_0153-1
OPENSUSE-SU-2025_0154-1
OPENSUSE-SU-2025_0556-1
OPENSUSE-SU-2025_0577-1
SUSE-SU-2025:0117-1
SUSE-SU-2025:0153-1
SUSE-SU-2025:0154-1
SUSE-SU-2025:0289-1
SUSE-SU-2025:0556-1
SUSE-SU-2025:0577-1
SUSE-SU-2025:0577-2
SUSE-SU-2025:20165-1
SUSE-SU-2025:20166-1
SUSE-SU-2025:20248-1
SUSE-SU-2025:20249-1
SUSE-SU-2025_0577-1
SUSE-SU-2025_0577-2
USN-7276-1
USN-7277-1
USN-7310-1
USN-7387-1
USN-7387-2
USN-7387-3
USN-7388-1
USN-7389-1
USN-7390-1
USN-7391-1
USN-7392-1
USN-7392-2
USN-7392-3
USN-7392-4
USN-7393-1
USN-7401-1
USN-7407-1
USN-7413-1
USN-7421-1
USN-7449-1
USN-7449-2
USN-7450-1
USN-7451-1
USN-7452-1
USN-7453-1
USN-7458-1
USN-7459-1
USN-7459-2
USN-7463-1
USN-7468-1
USN-7523-1
USN-7524-1
USN-7539-1
USN-7540-1

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu