PT-2024-32142 · Linux+6 · Linux Kernel+6

Published

2024-06-08

·

Updated

2026-05-26

·

CVE-2024-46716

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.108 Linux kernel versions prior to 6.6.49 Linux kernel versions prior to 6.10.8
Description The issue is related to the dmaengine: altera-msgdma component in the Linux kernel, where the descriptor in msgdma free descriptor is not properly freed. This is due to a list del call in msgdma chan desc cleanup, which should be the role of msgdma free descriptor. The fix involves replacing list add tail with list move tail in msgdma free descriptor, correcting the path: msgdma free chan resources -> msgdma free descriptors -> msgdma free desc list -> msgdma free descriptor, which previously did not correctly free the descriptors as first nodes were not removed from the list.
Recommendations Upgrade to Linux kernel version 6.1.108 or later to mitigate the threat. Upgrade to Linux kernel version 6.6.49 or later to mitigate the threat. Upgrade to Linux kernel version 6.10.8 or later to mitigate the threat.

Exploit

Fix

DoS

Use After Free

Weakness Enumeration

CWE-416

Related Identifiers

AZL-68264
BDU:2025-08023
CVE-2024-46716
DLA-4008-1
DSA-5782-1
OESA-2024-2292
OESA-2024-2293
OESA-2024-2295
OESA-2024-2296
OPENSUSE-SU-2024_3551-1
OPENSUSE-SU-2024_3561-1
OPENSUSE-SU-2024_3564-1
OPENSUSE-SU-2024_3983-1
OPENSUSE-SU-2024_3985-1
OPENSUSE-SU-2024_4131-1
SUSE-SU-2024:3551-1
SUSE-SU-2024:3553-1
SUSE-SU-2024:3561-1
SUSE-SU-2024:3564-1
SUSE-SU-2024:3983-1
SUSE-SU-2024:3985-1
SUSE-SU-2024:4082-1
SUSE-SU-2024:4131-1
SUSE-SU-2024:4364-1
SUSE-SU-2025:20073-1
SUSE-SU-2025:20077-1
USN-7154-1
USN-7154-2
USN-7155-1
USN-7156-1
USN-7196-1

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu