PT-2024-33939 · Linux+4 · Linux Kernel+4

Published

2024-10-18

Updated

2025-09-29

CVE-2024-50107

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.12.0-rc2

Description: A vulnerability in the Linux kernel has been resolved, specifically in the platform/x86/intel/pmc module. The issue was caused by the iounmap function not being called for valid addresses, resulting in a warning being triggered on certain systems, such as the Thinkpad P1 Gen 7 (Meteor Lake-P). The warning was introduced by a commit that improved address range checks for iounmap. The vulnerability was exploited in real-world incidents, but details are not provided.

Recommendations: To resolve the issue, update the Linux kernel to a version newer than 6.12.0-rc2. As a temporary workaround, consider disabling the pmc core iounmap function until a patch is available. Restrict access to the intel pmc core module to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-99

Related Identifiers

ALSA-2025_12746

ALSA-2025_12752

ALSA-2025_12753

ALSA-2025_16880

ALT-PU-2024-17211

BDU:2025-13977

CVE-2024-50107

INFSA-2025_6966

OPENSUSE-SU-2024:14500-1

OPENSUSE-SU-2025:14705-1

RHSA-2025:6966

RHSA-2025_6966

USN-7276-1

USN-7277-1

USN-7310-1

USN-7449-1

USN-7449-2

USN-7450-1

USN-7451-1

USN-7452-1

USN-7453-1

USN-7468-1

USN-7523-1

USN-7524-1

Affected Products

Alt Linux

Linuxmint

Linux Kernel

Red Hat

Ubuntu

PT-2024-33939 · Linux+4 · Linux Kernel+4

CVE-2024-50107

Weakness Enumeration

Related Identifiers

Affected Products

References · 1594