PT-2024-32775 · Linux+7 · Linux Kernel+7

Published

2024-09-13

·

Updated

2026-05-26

·

CVE-2024-47728

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.58
Description A vulnerability in the Linux kernel has been resolved, which could lead to memory leaks. The issue is related to the bpf helpers that had ARG PTR TO {LONG,INT} as input arguments. In case of an error, the value was not zeroed, potentially causing memory leaks. The MTU helpers also had an issue where the mtu len pointer value was being written but also read. The MEM UNINIT semantics will be reworked in follow-up work to better express the intent.
Recommendations For versions prior to 6.6.58, update to version 6.6.58 or later to resolve the issue. As a temporary workaround, consider clearing the *mtu len on error path to prevent potential memory leaks.

Exploit

Fix

DoS

Memory Leak

Weakness Enumeration

CWE-459CWE-401

Related Identifiers

ALSA-2025_16880
ALT-PU-2024-14046
ALT-PU-2024-14268
AZL-50703
AZL-50972
BDU:2025-03288
CVE-2024-47728
DLA-4008-1
MGASA-2024-0344
MGASA-2024-0345
OESA-2024-2445
OESA-2024-2446
OESA-2024-2447
OESA-2024-2448
OPENSUSE-SU-2024:14500-1
OPENSUSE-SU-2024_3984-1
OPENSUSE-SU-2024_3986-1
OPENSUSE-SU-2024_4315-1
OPENSUSE-SU-2024_4376-1
OPENSUSE-SU-2025:14705-1
SUSE-SU-2024:3984-1
SUSE-SU-2024:3986-1
SUSE-SU-2024:4315-1
SUSE-SU-2024:4318-1
SUSE-SU-2024:4364-1
SUSE-SU-2024:4376-1
SUSE-SU-2024:4387-1
SUSE-SU-2025:20163-1
SUSE-SU-2025:20164-1
SUSE-SU-2025:20246-1
SUSE-SU-2025:20247-1
USN-7276-1
USN-7277-1
USN-7301-1
USN-7303-1
USN-7303-2
USN-7303-3
USN-7304-1
USN-7310-1
USN-7311-1
USN-7384-1
USN-7384-2
USN-7385-1
USN-7386-1
USN-7403-1
USN-7468-1

Affected Products

Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu