PT-2024-33964 · Linux+5 · Linux Kernel+5

Published

2024-11-05

Updated

2025-10-03

CVE-2024-50133

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.61

Description: The issue is related to the LoongArch architecture in the Linux kernel, where tasks without a vDSO mapped can cause a crash when calling the stack top() function. This can occur when using kunit, leading to a dereference of the NULL vdso pointer and a subsequent crash. The crash can happen due to the lack of a vDSO mapping for certain tasks, such as kthreads.

Recommendations: For Linux kernel versions prior to 6.6.61, update to version 6.6.61 or later to resolve the issue. As a temporary workaround, consider avoiding the use of kunit or restricting its functionality to minimize the risk of exploitation.

Exploit

Fix

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALSA-2025_12746

ALSA-2025_12752

ALSA-2025_12753

ALSA-2025_16880

ALT-PU-2024-15245

ALT-PU-2024-15251

ALT-PU-2024-17211

ALT-PU-2025-12647

AZL-52326

BDU:2025-04491

CVE-2024-50133

DLA-4008-1

MGASA-2024-0368

MGASA-2024-0369

OESA-2024-2424

OESA-2024-2425

OESA-2024-2426

OESA-2025-1078

OPENSUSE-SU-2024:14500-1

OPENSUSE-SU-2025:14705-1

USN-7276-1

USN-7277-1

USN-7310-1

USN-7449-1

USN-7449-2

USN-7450-1

USN-7451-1

USN-7452-1

USN-7453-1

USN-7468-1

USN-7523-1

USN-7524-1

Affected Products

Alt Linux

Astra Linux

Linuxmint

Linux Kernel

Red Os

Ubuntu

PT-2024-33964 · Linux+5 · Linux Kernel+5

CVE-2024-50133

Weakness Enumeration

Related Identifiers

Affected Products

References · 1784