PT-2024-33884 · Linux+3 · Linux Kernel+3

Olga Kornievskaia

Published

2024-10-05

Updated

2025-09-29

CVE-2024-50043

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: The issue arises when multiple FREE STATEIDs are sent for the same delegation stateid, potentially leading to use-after-free or counter refcount underflow errors. This occurs because the code drops the client lock before calling nfs4 put stid(), allowing another FREE STATE to find the stateid again, which can result in freeing the stateid and causing either use-after-free or decrementing an already zeroed counter.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2025_16880

ALT-PU-2024-17211

BDU:2025-07238

CVE-2024-50043

OPENSUSE-SU-2024:14500-1

OPENSUSE-SU-2025:14705-1

USN-7276-1

USN-7277-1

USN-7310-1

Affected Products

Alt Linux

Linuxmint

Linux Kernel

Ubuntu

PT-2024-33884 · Linux+3 · Linux Kernel+3

CVE-2024-50043

Weakness Enumeration

Related Identifiers

Affected Products

References · 1292