PT-2024-33899 · Linux+6 · Linux Kernel+6

Sergey Senozhatsky

·

Published

2024-10-21

·

Updated

2025-10-03

·

CVE-2024-50064

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.58
Description: The issue is related to memory leakage in the zram device when it has multi-streams and is reset without freeing secondary algorithms names. This can be resolved by using kfree() to free the secondary algorithms names. The estimated number of potentially affected devices is not specified. There is no information about real-world incidents where this issue was exploited.
Recommendations: For Linux kernel versions prior to 6.6.58, update to version 6.6.58 or later to resolve the issue. As a temporary workaround, consider implementing a custom solution to free secondary algorithms names when resetting the zram device to prevent memory leakage.

Exploit

Fix

Information Disclosure

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-200CWE-401

Related Identifiers

ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALT-PU-2024-14704
ALT-PU-2024-17211
ALT-PU-2025-12647
AZL-50863
BDU:2025-03380
CVE-2024-50064
INFSA-2025_6966
MGASA-2024-0344
MGASA-2024-0345
OESA-2024-2367
OESA-2024-2368
OESA-2024-2369
OPENSUSE-SU-2024:14500-1
OPENSUSE-SU-2024_3984-1
OPENSUSE-SU-2024_3986-1
OPENSUSE-SU-2025:14705-1
RHSA-2025:6966
RHSA-2025_6966
SUSE-SU-2024:3984-1
SUSE-SU-2024:3986-1
SUSE-SU-2024:4318-1
SUSE-SU-2024:4387-1
SUSE-SU-2025:20163-1
SUSE-SU-2025:20164-1
SUSE-SU-2025:20246-1
SUSE-SU-2025:20247-1
USN-7276-1
USN-7277-1
USN-7310-1
USN-7383-1
USN-7383-2
USN-7384-1
USN-7384-2
USN-7385-1
USN-7386-1
USN-7403-1
USN-7451-1
USN-7468-1
USN-7523-1
USN-7524-1

Affected Products

Alt Linux
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu