PT-2024-34031 · Linux+4 · Linux Kernel+4

Published

2024-09-26

Updated

2025-09-29

CVE-2024-50197

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A memory leak issue has been identified in the Linux kernel, specifically in the device for each child node() loop. The loop requires calls to fwnode handle put() upon early returns to decrement the refcount of the child node and avoid leaking memory if that error path is triggered. However, in the intel platform pinctrl prepare community() function, there is an early return without the necessary fwnode handle put() call. To resolve this issue, the scoped version of the loop can be used to simplify the code and avoid mistakes in the future if new early returns are added.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

ALSA-2025_12746

ALSA-2025_12752

ALSA-2025_12753

ALSA-2025_16880

ALT-PU-2024-17211

BDU:2025-13959

CVE-2024-50197

INFSA-2025_6966

OPENSUSE-SU-2024:14500-1

OPENSUSE-SU-2025:14705-1

RHSA-2025:6966

RHSA-2025_6966

USN-7276-1

USN-7277-1

USN-7310-1

USN-7383-1

USN-7383-2

USN-7384-1

USN-7384-2

USN-7385-1

USN-7386-1

USN-7403-1

USN-7451-1

USN-7468-1

USN-7523-1

USN-7524-1

Affected Products

Alt Linux

Linuxmint

Linux Kernel

Red Hat

Ubuntu

PT-2024-34031 · Linux+4 · Linux Kernel+4

CVE-2024-50197

Weakness Enumeration

Related Identifiers

Affected Products

References · 1599