PT-2024-33917 · Linux+5 · Linux Kernel+5

Jinjie Ruan

·

Published

2024-10-28

·

Updated

2025-10-03

·

CVE-2024-50084

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: A memory leak issue has been identified in the Linux kernel, specifically in the vcap api encode rule test() function. The issue was introduced after a fix for a use-after-free error was applied, which removed a necessary call to vcap free rule(). This has resulted in memory leaks, as evidenced by the presence of unreferenced objects. The issue is related to the vcap rule add key() and vcap rule add action() functions. No information is provided about the estimated number of potentially affected devices or real-world incidents where this issue was exploited.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416CWE-401

Related Identifiers

ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALT-PU-2024-17211
ALT-PU-2025-12647
AZL-51945
BDU:2025-03370
CVE-2024-50084
OESA-2024-2367
OPENSUSE-SU-2024:14500-1
OPENSUSE-SU-2024_4314-1
OPENSUSE-SU-2024_4316-1
OPENSUSE-SU-2025:14705-1
SUSE-SU-2024:4314-1
SUSE-SU-2024:4316-1
SUSE-SU-2024:4318-1
SUSE-SU-2024:4387-1
SUSE-SU-2025:20163-1
SUSE-SU-2025:20164-1
SUSE-SU-2025:20246-1
SUSE-SU-2025:20247-1
USN-7276-1
USN-7277-1
USN-7310-1
USN-7383-1
USN-7383-2
USN-7384-1
USN-7384-2
USN-7385-1
USN-7386-1
USN-7403-1
USN-7451-1
USN-7468-1
USN-7523-1
USN-7524-1

Affected Products

Alt Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu