PT-2024-30706 · Linux+7 · Linux Kernel+7

Alexander Zubkov

·

Published

2024-06-10

·

Updated

2025-09-29

·

CVE-2024-43846

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.50
Description The Linux kernel library supports aggregation of objects into other objects only if the parent object does not have a parent itself, meaning nesting is not supported. Aggregation happens in two cases: without and with hints, where hints are pre-computed recommendations on how to aggregate the provided objects. The violation of the assumption that nesting cannot happen when creating objects based on hints leads to various warnings and eventually to a general protection fault.
Recommendations Update to Linux kernel version 6.6.50 or later to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALT-PU-2024-14046
AZL-51387
BDU:2025-01721
CVE-2024-43846
DLA-3912-1
DLA-4008-1
INFSA-2025_6966
MGASA-2024-0309
MGASA-2024-0310
OESA-2024-2124
OESA-2024-2182
OESA-2024-2183
OESA-2024-2218
OPENSUSE-SU-2024_3190-1
OPENSUSE-SU-2024_3209-1
OPENSUSE-SU-2024_3483-1
RHSA-2025:6966
RHSA-2025_6966
SUSE-SU-2024:3190-1
SUSE-SU-2024:3194-1
SUSE-SU-2024:3195-1
SUSE-SU-2024:3209-1
SUSE-SU-2024:3383-1
SUSE-SU-2024:3483-1
SUSE-SU-2025:20044-1
SUSE-SU-2025:20047-1
USN-7088-1
USN-7088-2
USN-7088-3
USN-7088-4
USN-7088-5
USN-7100-1
USN-7100-2
USN-7119-1
USN-7123-1
USN-7144-1
USN-7154-1
USN-7154-2
USN-7155-1
USN-7156-1
USN-7194-1
USN-7196-1

Affected Products

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu