PT-2024-33776 · Linux+8 · Linux Kernel+8

Li Zhijian

·

Published

2024-10-21

·

Updated

2026-05-26

·

CVE-2024-49934

CVSS v2.0

4.9

Medium

VectorAV:L/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions: Linux kernel version 6.10.0-rc2-lizhijian+
Description: A crash occurs during hot-remove of a memory device when a user is accessing the hugetlb, due to dump mapping() accessing an invalid dentry.d name.name. The issue arises because dump mapping() only needs to dump the filename, but it can still run into an invalid dentry.d name.name. To prevent an unnecessary crash, the filename should be retrieved in a safer way.
Recommendations: As a temporary workaround, consider disabling the dump mapping() function until a patch is available. Update to a version of the Linux kernel where this issue has been resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Weakness Enumeration

CWE-119

Related Identifiers

ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALT-PU-2025-12647
AZL-52906
AZL-52972
BDU:2025-04161
CVE-2024-49934
DLA-4076-1
INFSA-2025_6966
OESA-2024-2367
OESA-2024-2368
OESA-2024-2369
OESA-2024-2371
OPENSUSE-SU-2024:14500-1
OPENSUSE-SU-2024_4314-1
OPENSUSE-SU-2024_4315-1
OPENSUSE-SU-2024_4316-1
OPENSUSE-SU-2024_4376-1
OPENSUSE-SU-2025:14705-1
RHSA-2025:6966
RHSA-2025_6966
SUSE-SU-2024:4314-1
SUSE-SU-2024:4315-1
SUSE-SU-2024:4316-1
SUSE-SU-2024:4318-1
SUSE-SU-2024:4364-1
SUSE-SU-2024:4376-1
SUSE-SU-2024:4387-1
SUSE-SU-2025:20163-1
SUSE-SU-2025:20164-1
SUSE-SU-2025:20246-1
SUSE-SU-2025:20247-1
USN-7276-1
USN-7277-1
USN-7301-1
USN-7303-1
USN-7303-2
USN-7303-3
USN-7304-1
USN-7310-1
USN-7311-1
USN-7384-1
USN-7384-2
USN-7385-1
USN-7386-1
USN-7403-1
USN-7468-1

Affected Products

Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu