PT-2024-29205 · Linux+3 · Linux Kernel+3

Published

2024-06-28

Updated

2025-02-03

CVE-2024-41025

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.43

Description A memory leak issue has been resolved in the Linux kernel. The Audio PD daemon sends a name as part of the init IOCTL call, which needs to be copied to the kernel, allocating memory. However, this memory is never freed, potentially resulting in a memory leak. The issue has been fixed by freeing the memory when it is not needed.

Recommendations Update to Linux kernel version 6.6.43 or later to resolve the issue.

Exploit

Fix

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

BDU:2025-03020

CVE-2024-41025

MGASA-2024-0277

MGASA-2024-0278

OESA-2024-2076

SUSE-SU-2024:3194-1

SUSE-SU-2024:3195-1

SUSE-SU-2024:3383-1

SUSE-SU-2025:20044-1

SUSE-SU-2025:20047-1

USN-7089-1

USN-7089-2

USN-7089-3

USN-7089-4

USN-7089-5

USN-7089-6

USN-7089-7

USN-7090-1

USN-7095-1

USN-7156-1

Affected Products

Linuxmint

Linux Kernel

Suse

Ubuntu

PT-2024-29205 · Linux+3 · Linux Kernel+3

CVE-2024-41025

Weakness Enumeration

Related Identifiers

Affected Products

References · 1689