PT-2024-34105 · Linux+7 · Linux Kernel+7

Ming-Hung Tsai

·

Published

2024-11-04

·

Updated

2025-11-18

·

CVE-2024-50279

CVSS v3.1

7.1

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: The issue is related to an out-of-bounds access to the dirty bitset when resizing in the dm-cache. This occurs because an index bug in bitset iteration causes the out-of-bounds access when shrinking the fast device. The problem can be reproduced by creating a cache device and then shrinking the fast device to a smaller size, triggering the out-of-bounds access. Technical details include the cache preresume function and the cache ctr function, which are involved in the bug. The dmsetup command is used to create and manage the cache device.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALT-PU-2024-16040
ALT-PU-2024-17099
ALT-PU-2024-17211
ALT-PU-2024-17254
ALT-PU-2024-17891
ALT-PU-2025-12647
AZL-53630
BDU:2025-03156
CVE-2024-50279
DLA-4008-1
DLA-4075-1
DSA-5818-1
OESA-2024-2537
OESA-2025-1080
OESA-2025-1081
OESA-2025-1094
OPENSUSE-SU-2024_4313-1
OPENSUSE-SU-2024_4314-1
OPENSUSE-SU-2024_4315-1
OPENSUSE-SU-2024_4316-1
OPENSUSE-SU-2024_4346-1
OPENSUSE-SU-2024_4376-1
OPENSUSE-SU-2025_0117-1
OPENSUSE-SU-2025_0154-1
OPENSUSE-SU-2025_0201-1
OPENSUSE-SU-2025_0229-1
SUSE-SU-2024:4313-1
SUSE-SU-2024:4314-1
SUSE-SU-2024:4315-1
SUSE-SU-2024:4316-1
SUSE-SU-2024:4317-1
SUSE-SU-2024:4318-1
SUSE-SU-2024:4345-1
SUSE-SU-2024:4346-1
SUSE-SU-2024:4364-1
SUSE-SU-2024:4367-1
SUSE-SU-2024:4376-1
SUSE-SU-2024:4387-1
SUSE-SU-2024:4388-1
SUSE-SU-2025:0035-1
SUSE-SU-2025:0117-1
SUSE-SU-2025:0154-1
SUSE-SU-2025:0201-1
SUSE-SU-2025:0201-2
SUSE-SU-2025:02069-1
SUSE-SU-2025:02070-1
SUSE-SU-2025:02071-1
SUSE-SU-2025:02075-1
SUSE-SU-2025:02076-1
SUSE-SU-2025:02077-1
SUSE-SU-2025:02095-1
SUSE-SU-2025:02096-1
SUSE-SU-2025:02101-1
SUSE-SU-2025:02106-1
SUSE-SU-2025:02107-1
SUSE-SU-2025:02110-1
SUSE-SU-2025:02111-1
SUSE-SU-2025:02113-1
SUSE-SU-2025:02116-1
SUSE-SU-2025:02117-1
SUSE-SU-2025:02124-1
SUSE-SU-2025:02125-1
SUSE-SU-2025:02126-1
SUSE-SU-2025:02127-1
SUSE-SU-2025:02131-1
SUSE-SU-2025:02134-1
SUSE-SU-2025:02136-1
SUSE-SU-2025:02139-1
SUSE-SU-2025:02140-1
SUSE-SU-2025:02142-1
SUSE-SU-2025:02144-1
SUSE-SU-2025:02154-1
SUSE-SU-2025:02157-1
SUSE-SU-2025:02162-1
SUSE-SU-2025:02171-1
SUSE-SU-2025:0229-1
SUSE-SU-2025:0289-1
SUSE-SU-2025:20163-1
SUSE-SU-2025:20164-1
SUSE-SU-2025:20246-1
SUSE-SU-2025:20247-1
SUSE-SU-2025:20431-1
SUSE-SU-2025:20435-1
SUSE-SU-2025:20436-1
SUSE-SU-2025:20437-1
SUSE-SU-2025:20448-1
SUSE-SU-2025:20450-1
SUSE-SU-2025:4123-1
SUSE-SU-2025_0201-1
SUSE-SU-2025_0201-2
USN-7276-1
USN-7277-1
USN-7288-1
USN-7288-2
USN-7289-1
USN-7289-2
USN-7289-3
USN-7289-4
USN-7291-1
USN-7293-1
USN-7294-1
USN-7294-2
USN-7294-3
USN-7294-4
USN-7295-1
USN-7305-1
USN-7308-1
USN-7310-1
USN-7331-1
USN-7388-1
USN-7389-1
USN-7390-1
USN-7393-1
USN-7401-1
USN-7413-1
USN-7449-1
USN-7449-2
USN-7450-1
USN-7451-1
USN-7452-1
USN-7453-1
USN-7458-1
USN-7468-1
USN-7523-1
USN-7524-1
USN-7539-1
USN-7540-1

Affected Products

Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu