PT-2024-30712 · Linux+10 · Linux Kernel+10

Christoph Hellwig · Published 2024-06-14 · Updated 2025-09-29 · CVE-2024-43854

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.6.50

Description

The issue concerns the initialization of the integrity buffer in the Linux kernel. Metadata added by bio_integrity_prep is allocated with plain kmalloc, so uninitialized kernel memory is written to media. For PI metadata, this is limited to the app tag, which is not used by kernel-generated metadata; for non-PI metadata, the entire buffer leaks kernel memory. The fix adds the __GFP_ZERO flag to allocations for writes.

Recommendations

To resolve the issue, update to Linux kernel version 6.6.50 or later. As a temporary workaround, consider restricting access to the vulnerable bio_integrity_prep function until a patch is available.

Exploit

Fix

Memory Leak


Weakness Enumeration

Related Identifiers

ALSA-2024:10939
ALSA-2024:8617
ALSA-2024:8856
ALSA-2024:8870
ALSA-2024_10939
ALSA-2025_16880
ALT-PU-2024-11524
ALT-PU-2024-11855
ALT-PU-2024-11863
ALT-PU-2024-13121
ALT-PU-2024-13979
ALT-PU-2024-14046
AZL-47958
AZL-48033
BDU:2025-01717
CESA-2024_8856
CESA-2024_8870
CVE-2024-43854
DLA-3912-1
DLA-4008-1
INFSA-2024_10939
INFSA-2024_8617
INFSA-2024_8856
INFSA-2024_8870
MGASA-2024-0309
MGASA-2024-0310
OESA-2024-2106
OESA-2024-2107
OESA-2024-2108
OESA-2025-1078
OPENSUSE-SU-2024_3190-1
OPENSUSE-SU-2024_3209-1
OPENSUSE-SU-2024_3483-1
OPENSUSE-SU-2024_4131-1
RHSA-2024:10772
RHSA-2024:10773
RHSA-2024:10939
RHSA-2024:8617
RHSA-2024:8856
RHSA-2024:8870
RHSA-2024_10939
RHSA-2024_8617
RHSA-2024_8856
RHSA-2024_8870
RLSA-2024:8617
RLSA-2024:8856
RLSA-2024:8870
SUSE-SU-2024:3189-1
SUSE-SU-2024:3190-1
SUSE-SU-2024:3194-1
SUSE-SU-2024:3195-1
SUSE-SU-2024:3209-1
SUSE-SU-2024:3251-1
SUSE-SU-2024:3252-1
SUSE-SU-2024:3383-1
SUSE-SU-2024:3483-1
SUSE-SU-2024:4131-1
SUSE-SU-2024:4345-1
SUSE-SU-2025:20044-1
SUSE-SU-2025:20047-1
USN-7088-1
USN-7088-2
USN-7088-3
USN-7088-4
USN-7088-5
USN-7100-1
USN-7100-2
USN-7119-1
USN-7121-1
USN-7121-2
USN-7121-3
USN-7123-1
USN-7144-1
USN-7154-1
USN-7154-2
USN-7155-1
USN-7156-1
USN-7194-1
USN-7196-1
USN-7332-1
USN-7332-2
USN-7332-3

Affected Products

ALT Linux
AlmaLinux
Astra Linux
CentOS
Linux Mint
Linux Kernel
Red Hat
RED OS
Rocky Linux
SUSE
Ubuntu