PT-2024-32164 · Linux+6 · Linux Kernel+6

Syzbot

+1

·

Published

2024-08-04

·

Updated

2025-09-29

·

CVE-2024-46745

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue arises when the uinput interface is exercised with a large number of slots, causing memory allocation failure in the input mt init slots() function. Although the allocation failure is handled properly and the request is rejected, it results in syzkaller reports and may put an undue burden on the system. The fix involves limiting the allowed number of slots to 100, which can be extended if devices that can track more than 100 contacts are encountered.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416CWE-770

Related Identifiers

ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
BDU:2025-01935
CVE-2024-46745
DLA-3912-1
DLA-4008-1
DSA-5782-1
INFSA-2025_6966
MGASA-2024-0316
MGASA-2024-0318
OESA-2024-2181
OESA-2024-2182
OESA-2024-2183
OESA-2024-2184
OESA-2024-2185
OPENSUSE-SU-2024_3551-1
OPENSUSE-SU-2024_3561-1
OPENSUSE-SU-2024_3564-1
OPENSUSE-SU-2024_3587-1
OPENSUSE-SU-2024_3592-1
RHSA-2025:6966
RHSA-2025_6966
SUSE-SU-2024:3551-1
SUSE-SU-2024:3553-1
SUSE-SU-2024:3559-1
SUSE-SU-2024:3561-1
SUSE-SU-2024:3564-1
SUSE-SU-2024:3566-1
SUSE-SU-2024:3569-1
SUSE-SU-2024:3587-1
SUSE-SU-2024:3591-1
SUSE-SU-2024:3592-1
SUSE-SU-2025:20073-1
SUSE-SU-2025:20077-1
USN-7088-1
USN-7088-2
USN-7088-3
USN-7088-4
USN-7088-5
USN-7100-1
USN-7100-2
USN-7119-1
USN-7123-1
USN-7144-1
USN-7154-1
USN-7154-2
USN-7155-1
USN-7156-1
USN-7194-1
USN-7196-1

Affected Products

Astra Linux
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu