CVE-2024-50012

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.58

Description: A vulnerability in the Linux kernel's cpufreq function has been resolved. The issue occurred in the parse perf domain function, where a bad reference count on the CPU node could happen if the call to of parse phandle with args returned an error. This would cause the reference to the CPU device node to not be properly decremented. The problem was addressed by declaring the variable with the free(device node) cleanup attribute.

Recommendations: For versions prior to 6.6.58, update to version 6.6.58 or later to resolve the issue. As a temporary workaround, consider applying the patch that declares the variable with the free(device node) cleanup attribute to prevent incorrect reference counts on CPU nodes.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-911

Related Identifiers

ALSA-2025_16880

ALT-PU-2024-14046

AZL-51408

BDU:2025-07979

CVE-2024-50012

DLA-4008-1

DSA-5818-1

MGASA-2024-0344

MGASA-2024-0345

OESA-2024-2325

OPENSUSE-SU-2024:14500-1

OPENSUSE-SU-2024_4314-1

OPENSUSE-SU-2024_4316-1

OPENSUSE-SU-2025:14705-1

SUSE-SU-2024:4314-1

SUSE-SU-2024:4316-1

SUSE-SU-2024:4318-1

SUSE-SU-2024:4387-1

SUSE-SU-2025:20163-1

SUSE-SU-2025:20164-1

SUSE-SU-2025:20246-1

SUSE-SU-2025:20247-1

USN-7276-1

USN-7277-1

USN-7301-1

USN-7303-1

USN-7303-2

USN-7303-3

USN-7304-1

USN-7310-1

USN-7311-1

USN-7384-1

USN-7384-2

USN-7385-1

USN-7386-1

USN-7403-1

USN-7468-1

Affected Products

Alt Linux

Astra Linux

Debian

Linuxmint

Linux Kernel

Red Os

Suse

Ubuntu

CVE-2024-50012

Weakness Enumeration

Related Identifiers

Affected Products

References · 2365