PT-2024-32779 · Linux+2 · Linux Kernel+2

Published

2024-08-30

Updated

2025-04-01

CVE-2024-47733

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.11.0-rc3

Description A vulnerability in the Linux kernel has been identified where the netfs module fails to properly delete its subtree when it exits, leading to a warning about removing a non-empty directory. This issue arises from the use of remove proc entry() instead of remove proc subtree() in the netfs exit() function. The problem occurs when the netfs init() or fscache proc init() functions create a dentry under 'fs/netfs', but the netfs exit() function only deletes the proc entry of 'fs/netfs' without deleting its subtree.

Recommendations To resolve this issue, use remove proc subtree() instead of remove proc entry() in the netfs exit() function for Linux kernel versions prior to 6.11.0-rc3.

Exploit

Fix

Missing Release of Resource after Effective Lifetime

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-772

Related Identifiers

BDU:2025-13726

CVE-2024-47733

OPENSUSE-SU-2024:14500-1

OPENSUSE-SU-2025:14705-1

USN-7276-1

USN-7277-1

USN-7301-1

USN-7303-1

USN-7303-2

USN-7303-3

USN-7304-1

USN-7310-1

USN-7311-1

USN-7384-1

USN-7384-2

USN-7385-1

USN-7386-1

USN-7403-1

Affected Products

Linuxmint

Linux Kernel

Ubuntu

PT-2024-32779 · Linux+2 · Linux Kernel+2

CVE-2024-47733

Weakness Enumeration

Related Identifiers

Affected Products

References · 1332