PT-2024-31322 · Linux+6 · Linux Kernel+6

Published

2024-08-05

·

Updated

2025-09-29

·

CVE-2024-44954

CVSS v3.1

4.7

Medium

VectorAV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.50
Description The issue is related to concurrent accesses to line6 midibuf from both the URB completion callback and the rawmidi API access, which could cause a KMSAN warning triggered by syzkaller. This patch protects the midibuf call of the former code path with a spinlock for avoiding the possible races.
Recommendations Update to Linux kernel version 6.6.50 or later to resolve the issue. As a temporary workaround, consider applying a patch that protects the midibuf call with a spinlock to avoid possible races.

Exploit

Fix

Race Condition

Improper Locking

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-362CWE-667

Related Identifiers

ALSA-2025_16880
ALT-PU-2024-11345
ALT-PU-2024-14046
BDU:2025-01911
CVE-2024-44954
DLA-3912-1
DLA-4008-1
MGASA-2024-0309
MGASA-2024-0310
OESA-2024-2181
OESA-2024-2217
OESA-2024-2218
OESA-2024-2255
OESA-2024-2258
OPENSUSE-SU-2024_3551-1
OPENSUSE-SU-2024_3561-1
OPENSUSE-SU-2024_3564-1
OPENSUSE-SU-2024_3587-1
OPENSUSE-SU-2024_3592-1
SUSE-SU-2024:3551-1
SUSE-SU-2024:3553-1
SUSE-SU-2024:3559-1
SUSE-SU-2024:3561-1
SUSE-SU-2024:3564-1
SUSE-SU-2024:3566-1
SUSE-SU-2024:3569-1
SUSE-SU-2024:3587-1
SUSE-SU-2024:3591-1
SUSE-SU-2024:3592-1
SUSE-SU-2025:20073-1
SUSE-SU-2025:20077-1
USN-7088-1
USN-7088-2
USN-7088-3
USN-7088-4
USN-7088-5
USN-7100-1
USN-7100-2
USN-7119-1
USN-7123-1
USN-7144-1
USN-7154-1
USN-7154-2
USN-7155-1
USN-7156-1
USN-7194-1
USN-7196-1

Affected Products

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu