PT-2024-28427 · Linux+6 · Linux Kernel+6

Syzbot

·

Published

2024-04-08

·

Updated

2025-09-29

·

CVE-2024-39301

CVSS v2.0

7.5

High

VectorAV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A vulnerability has been resolved in the Linux kernel, specifically in the net/9p module, where an uninitialized value was found in the p9 client rpc() function. This issue was reported by Syzbot with the help of KMSAN, which detected an uninit-value in trace 9p client res() and p9 client rpc(). The problem occurs when p9 check errors() fails early in p9 client rpc(), causing req->rc.tag to not be properly initialized, but trace 9p client res() attempts to print it out anyway before p9 client rpc() finishes. The fix involves assigning default values to p9 fcall fields such as tag and id during the tag allocation stage.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Initialization

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-665

Related Identifiers

ALSA-2025_16880
ALT-PU-2024-13979
ALT-PU-2024-14046
ALT-PU-2024-17597
BDU:2025-03035
CVE-2024-39301
DSA-5730-1
MGASA-2024-0263
MGASA-2024-0266
OESA-2024-1835
OESA-2024-1836
OESA-2024-1838
OESA-2024-1839
OPENSUSE-SU-2024_2372-1
OPENSUSE-SU-2024_2394-1
SUSE-SU-2024:2372-1
SUSE-SU-2024:2394-1
SUSE-SU-2024:2493-1
SUSE-SU-2024:2561-1
SUSE-SU-2024:2571-1
SUSE-SU-2024:2896-1
SUSE-SU-2024:2901-1
SUSE-SU-2024:2939-1
SUSE-SU-2024:2973-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
USN-6951-1
USN-6951-2
USN-6951-3
USN-6951-4
USN-6953-1
USN-6979-1
USN-6999-1
USN-6999-2
USN-7004-1
USN-7005-1
USN-7005-2
USN-7007-1
USN-7007-2
USN-7007-3
USN-7008-1
USN-7009-1
USN-7009-2
USN-7019-1
USN-7029-1
USN-7183-1
USN-7184-1
USN-7185-1
USN-7185-2

Affected Products

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu