PT-2024-30708 · Linux+6 · Linux Kernel+6

Published

2024-06-23

Updated

2025-09-29

CVE-2024-43849

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.50

Description The issue arises when the service locator server is restarted quickly, allowing the PDR to concurrently rewrite locator addr fields. To address this, the modification of these fields is protected by placing them under the main pdr->lock.

Recommendations Update to Linux kernel version 6.6.50 or later to resolve the issue. As a temporary workaround, consider restricting concurrent access to the locator addr fields until a patch is available.

Exploit

Fix

RCE

Improper Locking

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20CWE-667

Related Identifiers

ALSA-2025_16880

ALT-PU-2024-14046

AZL-51135

BDU:2025-01736

CVE-2024-43849

DLA-3912-1

DLA-4008-1

MGASA-2024-0309

MGASA-2024-0310

OESA-2024-2123

OESA-2024-2124

OESA-2024-2125

OESA-2024-2126

OPENSUSE-SU-2024_3190-1

OPENSUSE-SU-2024_3209-1

OPENSUSE-SU-2024_3483-1

SUSE-SU-2024:3190-1

SUSE-SU-2024:3194-1

SUSE-SU-2024:3195-1

SUSE-SU-2024:3209-1

SUSE-SU-2024:3383-1

SUSE-SU-2024:3483-1

SUSE-SU-2025:20044-1

SUSE-SU-2025:20047-1

USN-7100-1

USN-7100-2

USN-7123-1

USN-7144-1

USN-7154-1

USN-7154-2

USN-7155-1

USN-7156-1

USN-7194-1

USN-7196-1

Affected Products

Alt Linux

Astra Linux

Linuxmint

Linux Kernel

Red Os

Suse

Ubuntu

PT-2024-30708 · Linux+6 · Linux Kernel+6

CVE-2024-43849

Weakness Enumeration

Related Identifiers

Affected Products

References · 2113