PT-2024-28089 · Linux+7 · Linux Kernel+7

Ye Bin

·

Published

2024-04-15

·

Updated

2026-03-14

·

CVE-2024-38632

CVSS v2.0

7.5

High

VectorAV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.37
Description A potential memory leak in the Linux kernel has been resolved. The issue occurs in the vfio intx enable() function when vfio irq ctx alloc() fails, leading to a memory leak of the name variable.
Recommendations Update to Linux kernel version 6.6.37 or later to resolve the issue. As a temporary workaround, consider restricting access to the vfio intx enable() function until a patch is available.

Exploit

Fix

DoS

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-401CWE-402

Related Identifiers

ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
BDU:2025-02947
CVE-2024-38632
DLA-4008-1
INFSA-2024_9315
MGASA-2024-0263
MGASA-2024-0266
OESA-2024-1860
OESA-2024-1861
OESA-2024-1862
OESA-2024-1863
OPENSUSE-SU-2024_3551-1
OPENSUSE-SU-2024_3561-1
OPENSUSE-SU-2024_3564-1
OPENSUSE-SU-2024_3587-1
OPENSUSE-SU-2024_3592-1
RHSA-2024:9315
RHSA-2024_9315
SUSE-SU-2024:3551-1
SUSE-SU-2024:3553-1
SUSE-SU-2024:3559-1
SUSE-SU-2024:3561-1
SUSE-SU-2024:3564-1
SUSE-SU-2024:3566-1
SUSE-SU-2024:3569-1
SUSE-SU-2024:3587-1
SUSE-SU-2024:3591-1
SUSE-SU-2024:3592-1
SUSE-SU-2025:20073-1
SUSE-SU-2025:20077-1
USN-6999-1
USN-6999-2
USN-7004-1
USN-7005-1
USN-7005-2
USN-7008-1
USN-7029-1
USN-7166-1
USN-7166-2
USN-7166-3
USN-7166-4
USN-7186-1
USN-7186-2
USN-7194-1

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu