PT-2024-21478 · Linux+4 · Linux Kernel+4

Published

2024-02-01

·

Updated

2025-03-27

·

CVE-2024-26703

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.13-200.fc39.x86 64
Description The vulnerability is related to the tracing/timerlat module in the Linux kernel. The issue arises when the timerlat's hrtimer is initialized at the first read of timerlat fd and destroyed at close. If a user program opens and closes the file without reading, it causes an error. This can lead to a kernel NULL pointer dereference.
To exploit this vulnerability, an attacker would need to create a scenario where the timerlat fd is opened and closed without reading, which could potentially lead to a denial-of-service (DoS) condition or other unintended behavior.
Recommendations To resolve this issue, update the Linux kernel to a version where the hrtimer init is moved to timerlat fd open(), avoiding the error caused by opening and closing the file without reading.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

BDU:2025-04409
CVE-2024-26703
OPENSUSE-SU-2024_4314-1
OPENSUSE-SU-2024_4316-1
SUSE-SU-2024:4314-1
SUSE-SU-2024:4316-1
SUSE-SU-2024:4318-1
SUSE-SU-2024:4387-1
SUSE-SU-2025:20163-1
SUSE-SU-2025:20164-1
SUSE-SU-2025:20246-1
SUSE-SU-2025:20247-1
USN-6895-1
USN-6895-2
USN-6895-3
USN-6895-4
USN-6900-1

Affected Products

Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu