CVE-2024-24898

Name of the Vulnerable Software and Affected Versions openEuler kernel versions 4.19.90-2109.1.0.0108 through 4.19.90-2403.4.0.0244

Description The issue is related to Exposure of Sensitive Information to an Unauthorized Actor, allowing Resource Leak Exposure in the openEuler kernel on Linux. This vulnerability is associated with program files, specifically the tcm.C file in the drivers/staging/gmjstcm directory.

Recommendations To resolve the issue, update the kernel to a version later than 4.19.90-2403.4.0.0244. As a temporary workaround, consider restricting access to the vulnerable program files, specifically the tcm.C file in the drivers/staging/gmjstcm directory, until a patch is available.