CVE-2024-36949

CVSS v3.1

4.7

Medium

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue arises when multiple devices are reset in parallel. The first device calls kfd suspend all processes() to evict all processes on all devices, but this call takes time to finish. Other devices start reset and recover without waiting, and if a process has not been evicted before recovery, it will be restored and cause a page fault.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-99

Related Identifiers

AZL-68066

BDU:2026-06104

CVE-2024-36949

ECHO-93D0-74A3-A9EA

MGASA-2024-0263

MGASA-2024-0266

OESA-2024-1706

OESA-2024-1707

OESA-2024-1835

OESA-2024-1836

OPENSUSE-SU-2024_2372-1

OPENSUSE-SU-2024_2394-1

SUSE-SU-2024:2135-1

SUSE-SU-2024:2203-1

SUSE-SU-2024:2360-1

SUSE-SU-2024:2372-1

SUSE-SU-2024:2381-1

SUSE-SU-2024:2394-1

SUSE-SU-2024:2561-1

SUSE-SU-2024:2802-1

SUSE-SU-2024:2896-1

SUSE-SU-2024:2939-1

SUSE-SU-2024:2973-1

SUSE-SU-2025:20008-1

SUSE-SU-2025:20028-1

SUSE-SU-2025:20166-1

SUSE-SU-2025:20249-1

USN-6949-1

USN-6949-2

USN-6952-1

USN-6952-2

USN-6955-1

Affected Products

Debian

Linuxmint

Linux Kernel

Suse

Ubuntu

CVE-2024-36949

Weakness Enumeration

Related Identifiers

Affected Products

References · 3937