PT-2024-33729 · Linux+7 · Linux Kernel+7

Zac Ecob · Published 2024-10-21 · Updated 2026-05-26 · CVE-2024-49888

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: A problem in the Linux kernel has been identified where a BPF program may cause a kernel crash due to a signed divide error. The issue arises when the divisor is -1, which can lead to an overflow. On x86_64, this can cause a kernel exception, while on arm64 the result is handled differently. The error occurs in the division of LLONG_MIN by -1: the result should be a positive number, but it exceeds the maximum positive value representable in 64 bits. Further investigation found that similar cases involving INT_MIN and modulus operations can also trigger exceptions on x86_64. Pseudocode has been provided to handle these exceptions and align the results with those on arm64.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
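
The guard described above, sketched as an added C example (not the kernel's patch and not the pseudocode the description mentions; the function names are hypothetical). It assumes the BPF convention that division by zero yields 0 and modulo by zero yields the dividend, and the arm64 results for a -1 divisor: the wrapped negation for division and 0 for modulus.

```c
#include <stdint.h>
#include <stdio.h>

/* Negate with two's-complement wraparound. Plain -v is undefined behaviour
 * in C for the minimum value, so do the arithmetic in unsigned. */
static int64_t wrap_neg64(int64_t v) { return (int64_t)(0 - (uint64_t)v); }
static int32_t wrap_neg32(int32_t v) { return (int32_t)(0u - (uint32_t)v); }

/* Signed 64-bit divide that never reaches the hardware divide instruction
 * with the operands that fault on x86_64 (LLONG_MIN / -1, or x / 0). */
int64_t safe_sdiv64(int64_t dividend, int64_t divisor)
{
    if (divisor == 0)
        return 0;                      /* assumed BPF rule: x / 0 == 0 */
    if (divisor == -1)
        return wrap_neg64(dividend);   /* LLONG_MIN stays LLONG_MIN, as on arm64 */
    return dividend / divisor;
}

/* Signed 64-bit modulus with the same two guards. */
int64_t safe_smod64(int64_t dividend, int64_t divisor)
{
    if (divisor == 0)
        return dividend;               /* assumed BPF rule: x % 0 == x */
    if (divisor == -1)
        return 0;                      /* anything % -1 is 0; avoids the trap */
    return dividend % divisor;
}

/* 32-bit variants: INT_MIN / -1 and INT_MIN % -1 trap the same way. */
int32_t safe_sdiv32(int32_t dividend, int32_t divisor)
{
    if (divisor == 0)  return 0;
    if (divisor == -1) return wrap_neg32(dividend);
    return dividend / divisor;
}

int32_t safe_smod32(int32_t dividend, int32_t divisor)
{
    if (divisor == 0)  return dividend;
    if (divisor == -1) return 0;
    return dividend % divisor;
}

int main(void)
{
    printf("LLONG_MIN / -1 -> %lld\n", (long long)safe_sdiv64(INT64_MIN, -1));
    printf("LLONG_MIN %% -1 -> %lld\n", (long long)safe_smod64(INT64_MIN, -1));
    printf("INT_MIN / -1   -> %d\n", safe_sdiv32(INT32_MIN, -1));
    return 0;
}
```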

Exploit

DoS

Integer Overflow

Weakness Enumeration

Related Identifiers

ALSA-2024:11486
ALSA-2024_11486
ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALT-PU-2025-12647
AZL-52913
AZL-52932
BDU:2025-07998
CVE-2024-49888
INFSA-2024_11486
OESA-2025-1097
OPENSUSE-SU-2024:14500-1
OPENSUSE-SU-2024_3984-1
OPENSUSE-SU-2024_3986-1
OPENSUSE-SU-2024_4316-1
OPENSUSE-SU-2025:14705-1
RHSA-2024:10942
RHSA-2024:11486
RHSA-2024_11486
SUSE-SU-2024:3984-1
SUSE-SU-2024:3986-1
SUSE-SU-2024:4316-1
SUSE-SU-2024:4318-1
SUSE-SU-2024:4387-1
SUSE-SU-2025:20163-1
SUSE-SU-2025:20164-1
SUSE-SU-2025:20246-1
SUSE-SU-2025:20247-1
USN-7276-1
USN-7277-1
USN-7301-1
USN-7303-1
USN-7303-2
USN-7303-3
USN-7304-1
USN-7310-1
USN-7311-1
USN-7384-1
USN-7384-2
USN-7385-1
USN-7386-1
USN-7403-1
USN-7468-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Linuxmint
Linux Kernel
Red Hat
Suse
Ubuntu