PT-2024-33831 · Linux+3 · Linux Kernel+3

Published

2024-10-21

Updated

2025-06-09

CVE-2024-49993

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.58

Description: A potential lockup issue has been identified in the Linux kernel, specifically in the iommu/vt-d component, when the qi submit sync() function is called with a count of 0. This issue has been resolved in upstream kernel version 6.6.58. The kmod-virtualbox and kmod-xtables-addons packages have been updated to work with this new kernel.

Recommendations: For versions prior to 6.6.58, update to version 6.6.58 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the qi submit sync() function with a count of 0 until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

ALT-PU-2024-14503

CVE-2024-49993

INFSA-2025_6966

MGASA-2024-0344

MGASA-2024-0345

OPENSUSE-SU-2024_3983-1

OPENSUSE-SU-2024_3984-1

OPENSUSE-SU-2024_3985-1

OPENSUSE-SU-2024_3986-1

RHSA-2025:6966

RHSA-2025_6966

SUSE-SU-2024:3983-1

SUSE-SU-2024:3984-1

SUSE-SU-2024:3985-1

SUSE-SU-2024:3986-1

SUSE-SU-2024:4318-1

SUSE-SU-2024:4364-1

SUSE-SU-2024:4387-1

SUSE-SU-2025:20163-1

SUSE-SU-2025:20164-1

SUSE-SU-2025:20246-1

SUSE-SU-2025:20247-1

Affected Products

Alt Linux

Linux Kernel

Red Hat

Suse

PT-2024-33831 · Linux+3 · Linux Kernel+3

CVE-2024-49993

Related Identifiers

Affected Products

References · 1397