PT-2024-29229 · Linux+5 · Linux Kernel+5

Baokun Li

Published

2024-06-28

Updated

2026-05-26

CVE-2024-41050

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The vulnerability is related to the cachefiles function in the Linux kernel, where the reuse of msg id after a maliciously completed reopen request can cause a read request to remain unprocessed and result in a hung task. This issue arises due to the incorrect allocation of msg id, which can be exploited to trigger a hung task when read requests are waiting for the reopen to complete. The cachefiles ondemand send req(OPEN) function is involved in this process, and the reuse of msg id can lead to unexpected behavior, including the execution of a successful copen when it is expected to fail.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Improper Locking

Race Condition

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-667CWE-362CWE-416

Related Identifiers

BDU:2025-01572

CVE-2024-41050

DLA-4008-1

MGASA-2024-0277

MGASA-2024-0278

OESA-2024-2076

SUSE-SU-2024:3194-1

SUSE-SU-2024:3195-1

SUSE-SU-2024:3383-1

SUSE-SU-2025:20044-1

SUSE-SU-2025:20047-1

USN-7089-1

USN-7089-2

USN-7089-3

USN-7089-4

USN-7089-5

USN-7089-6

USN-7089-7

USN-7090-1

USN-7095-1

USN-7156-1

Affected Products

Astra Linux

Linuxmint

Linux Kernel

Red Os

Suse

Ubuntu

PT-2024-29229 · Linux+5 · Linux Kernel+5

CVE-2024-41050

Weakness Enumeration

Related Identifiers

Affected Products

References · 1699