PT-2024-33861 · Linux+4 · Linux Kernel+4

Gui-Dong Han

Published

2024-09-30

Updated

2025-09-29

CVE-2024-50020

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.11.3

Description: The issue concerns improper reference count handling in the ice sriov set msix vec count() function. This can lead to reference count leaks under certain conditions, such as when ice get vf vsi() fails or when ice sriov get irqs() returns an error. The problem was identified using an experimental static analysis tool that specializes in analyzing reference count operations.

Recommendations: For Linux kernel versions prior to 6.11.3, upgrade to version 6.11.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the ice sriov set msix vec count() function until the patch is applied.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

ALSA-2025_16880

ALT-PU-2024-17211

BDU:2025-15011

CVE-2024-50020

OPENSUSE-SU-2024:14500-1

OPENSUSE-SU-2024_3984-1

OPENSUSE-SU-2024_3986-1

OPENSUSE-SU-2025:14705-1

SUSE-SU-2024:3984-1

SUSE-SU-2024:3986-1

SUSE-SU-2024:4318-1

SUSE-SU-2024:4387-1

SUSE-SU-2025:20163-1

SUSE-SU-2025:20164-1

SUSE-SU-2025:20246-1

SUSE-SU-2025:20247-1

USN-7276-1

USN-7277-1

USN-7310-1

USN-7383-1

USN-7383-2

USN-7384-1

USN-7384-2

USN-7385-1

USN-7386-1

USN-7403-1

USN-7451-1

USN-7468-1

USN-7523-1

USN-7524-1

Affected Products

Alt Linux

Linuxmint

Linux Kernel

Suse

Ubuntu

PT-2024-33861 · Linux+4 · Linux Kernel+4

CVE-2024-50020

Weakness Enumeration

Related Identifiers

Affected Products

References · 2414