PT-2024-34073 · Linux+3 · Linux Kernel+3

Olga Kornievskaia

Published

2024-10-29

Updated

2025-09-29

CVE-2024-50241

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: The issue concerns the initialization of the struct nfsd4 copy in the Linux kernel's NFSD component. Specifically, the refcount and async copies fields must be initialized early to prevent potential issues, such as a refcount underflow, when the cleanup async copy() function references these fields in case of an error in nfsd4 copy().

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use of Uninitialized Resource

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-908

Related Identifiers

ALSA-2025_16880

ALT-PU-2024-17211

BDU:2025-14141

CVE-2024-50241

OESA-2024-2491

OESA-2024-2492

OESA-2024-2493

OESA-2024-2494

OPENSUSE-SU-2024:14500-1

OPENSUSE-SU-2025:14705-1

Affected Products

Alt Linux

Astra Linux

Linux Kernel

Red Os

PT-2024-34073 · Linux+3 · Linux Kernel+3

CVE-2024-50241

Weakness Enumeration

Related Identifiers

Affected Products

References · 639