PT-2024-34079 · Linux+5 · Linux Kernel+5

Published

2024-09-03

Updated

2025-10-03

CVE-2024-50247

CVSS v3.1

7.1

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.61

Description: A vulnerability in the Linux kernel has been identified, specifically in the fs/ntfs3 component. The issue arises when an incorrectly formatted chunk is decompressed, resulting in more than LZNT CHUNK SIZE bytes being written, which can cause an index out of bounds error in s max off.

Recommendations: For versions prior to 6.6.61, update to version 6.6.61 or later to resolve the issue. As a temporary workaround, consider restricting access to the fs/ntfs3 component until a patch is available.

Exploit

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALSA-2025_12746

ALSA-2025_12752

ALSA-2025_12753

ALSA-2025_16880

ALT-PU-2024-16040

ALT-PU-2024-17211

ALT-PU-2024-17891

ALT-PU-2025-12647

AZL-53013

AZL-53136

BDU:2025-06979

CVE-2024-50247

DLA-4008-1

DSA-5818-1

MGASA-2024-0368

MGASA-2024-0369

OESA-2024-2445

OESA-2024-2446

OESA-2024-2447

OESA-2024-2448

OPENSUSE-SU-2024:14500-1

OPENSUSE-SU-2025:14705-1

USN-7276-1

USN-7277-1

USN-7288-1

USN-7288-2

USN-7289-1

USN-7289-2

USN-7289-3

USN-7289-4

USN-7291-1

USN-7305-1

USN-7308-1

USN-7310-1

USN-7331-1

USN-7388-1

USN-7389-1

USN-7390-1

USN-7449-1

USN-7449-2

USN-7450-1

USN-7451-1

USN-7452-1

USN-7453-1

USN-7458-1

USN-7468-1

USN-7523-1

USN-7524-1

Affected Products

Alt Linux

Astra Linux

Linuxmint

Linux Kernel

Red Os

Ubuntu

PT-2024-34079 · Linux+5 · Linux Kernel+5

CVE-2024-50247

Weakness Enumeration

Related Identifiers

Affected Products

References · 1746