PT-2024-28473 · Linux+6 · Linux Kernel+6

Published

2024-06-01

·

Updated

2025-09-29

·

CVE-2024-39371

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.37
Description A vulnerability in the Linux kernel has been resolved, which allowed a NULL pointer dereference off the forced async preparation path if no file had been assigned. This issue occurred because the request was marked as forced ASYNC and had a bad file fd, taking the forced async prep path. The vulnerability could be triggered by exploiting this path, leading to a kernel NULL pointer dereference. The issue has been fixed by adding a safety check for non-NULL file pointers in the io file can poll() function.
Recommendations To resolve this issue, update the Linux kernel to version 6.6.37 or later. If updating is not possible, consider disabling the io uring feature or restricting access to the vulnerable io file can poll() function as a temporary workaround until a patch is available.

Exploit

Fix

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALSA-2025_16880
ALT-PU-2024-11524
ALT-PU-2024-13979
ALT-PU-2024-14046
BDU:2025-03434
CVE-2024-39371
DLA-4008-1
DSA-5731-1
MGASA-2024-0263
MGASA-2024-0266
OESA-2024-1836
OPENSUSE-SU-2024_2947-1
SUSE-SU-2024:2571-1
SUSE-SU-2024:2894-1
SUSE-SU-2024:2896-1
SUSE-SU-2024:2939-1
SUSE-SU-2024:2947-1
SUSE-SU-2024:2973-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
USN-6999-1
USN-6999-2
USN-7004-1
USN-7005-1
USN-7005-2
USN-7008-1
USN-7029-1

Affected Products

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu