PT-2024-34127 · Linux+11 · Linux Kernel+11

Benoît Sevens

·

Published

2024-11-18

·

Updated

2026-05-12

·

CVE-2024-50302

CVSS v2.0

6.8

Medium

VectorAV:L/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux Kernel (affected versions not specified)
Description The issue is related to a possible leak of kernel memory contents to a USB HID due to uninitialized data in the Linux kernel. This could lead to physical information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. The vulnerability has been resolved by zero-initializing the report buffer in the Linux kernel. It is also mentioned that this vulnerability was actively exploited, including by Serbian authorities to unlock confiscated devices via an exploit chain developed by Cellebrite.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use of Uninitialized Resource

Weakness Enumeration

CWE-908

Related Identifiers

ALSA-2025:2473
ALSA-2025:2474
ALSA-2025:2627
ALT-PU-2024-15739
ALT-PU-2024-16040
ALT-PU-2024-17099
ALT-PU-2024-17211
ALT-PU-2024-17254
ALT-PU-2024-17891
ALT-PU-2025-12647
ASB-A-380395346
AZL-53606
AZL-53706
BDU:2025-02383
CESA-2025_2473
CESA-2025_2474
CVE-2024-50302
DLA-4008-1
DLA-4075-1
DSA-5818-1
INFSA-2025_2473
INFSA-2025_2474
INFSA-2025_2627
LSN-0111-1
LSN-0112-1
OESA-2024-2533
OESA-2024-2534
OESA-2024-2535
OESA-2024-2536
OESA-2024-2537
OPENSUSE-SU-2024_4313-1
OPENSUSE-SU-2024_4314-1
OPENSUSE-SU-2024_4315-1
OPENSUSE-SU-2024_4316-1
OPENSUSE-SU-2024_4346-1
OPENSUSE-SU-2024_4376-1
OPENSUSE-SU-2025_0897-1
OPENSUSE-SU-2025_0898-1
OPENSUSE-SU-2025_0903-1
OPENSUSE-SU-2025_0906-1
OPENSUSE-SU-2025_0907-1
OPENSUSE-SU-2025_0911-1
OPENSUSE-SU-2025_0916-1
OPENSUSE-SU-2025_0917-1
OPENSUSE-SU-2025_0919-1
OPENSUSE-SU-2025_0920-1
OPENSUSE-SU-2025_0922-1
OPENSUSE-SU-2025_0929-1
OPENSUSE-SU-2025_0942-1
OPENSUSE-SU-2025_0943-1
OPENSUSE-SU-2025_0944-1
OPENSUSE-SU-2025_0946-1
OPENSUSE-SU-2025_0950-1
OPENSUSE-SU-2025_0952-1
OPENSUSE-SU-2025_0961-1
OPENSUSE-SU-2025_0962-1
RHSA-2025:2473
RHSA-2025:2474
RHSA-2025:2475
RHSA-2025:2476
RHSA-2025:2488
RHSA-2025:2489
RHSA-2025:2490
RHSA-2025:2501
RHSA-2025:2510
RHSA-2025:2512
RHSA-2025:2514
RHSA-2025:2517
RHSA-2025:2524
RHSA-2025:2525
RHSA-2025:2528
RHSA-2025:2627
RHSA-2025:2646
RHSA-2025_2473
RHSA-2025_2474
RHSA-2025_2627
SUSE-SU-2024:4313-1
SUSE-SU-2024:4314-1
SUSE-SU-2024:4315-1
SUSE-SU-2024:4316-1
SUSE-SU-2024:4317-1
SUSE-SU-2024:4318-1
SUSE-SU-2024:4345-1
SUSE-SU-2024:4346-1
SUSE-SU-2024:4364-1
SUSE-SU-2024:4367-1
SUSE-SU-2024:4376-1
SUSE-SU-2024:4387-1
SUSE-SU-2024:4388-1
SUSE-SU-2025:0035-1
SUSE-SU-2025:0885-1
SUSE-SU-2025:0886-1
SUSE-SU-2025:0888-1
SUSE-SU-2025:0892-1
SUSE-SU-2025:0893-1
SUSE-SU-2025:0896-1
SUSE-SU-2025:0897-1
SUSE-SU-2025:0898-1
SUSE-SU-2025:0903-1
SUSE-SU-2025:0904-1
SUSE-SU-2025:0906-1
SUSE-SU-2025:0907-1
SUSE-SU-2025:0908-1
SUSE-SU-2025:0911-1
SUSE-SU-2025:0916-1
SUSE-SU-2025:0917-1
SUSE-SU-2025:0919-1
SUSE-SU-2025:0920-1
SUSE-SU-2025:0922-1
SUSE-SU-2025:0924-1
SUSE-SU-2025:0927-1
SUSE-SU-2025:0929-1
SUSE-SU-2025:0942-1
SUSE-SU-2025:0943-1
SUSE-SU-2025:0944-1
SUSE-SU-2025:0946-1
SUSE-SU-2025:0950-1
SUSE-SU-2025:0952-1
SUSE-SU-2025:0961-1
SUSE-SU-2025:0962-1
SUSE-SU-2025:20163-1
SUSE-SU-2025:20164-1
SUSE-SU-2025:20186-1
SUSE-SU-2025:20188-1
SUSE-SU-2025:20189-1
SUSE-SU-2025:20191-1
SUSE-SU-2025:20246-1
SUSE-SU-2025:20247-1
SUSE-SU-2025:20285-1
SUSE-SU-2025:4123-1
USN-7276-1
USN-7277-1
USN-7288-1
USN-7288-2
USN-7289-1
USN-7289-2
USN-7289-3
USN-7289-4
USN-7291-1
USN-7293-1
USN-7294-1
USN-7294-2
USN-7294-3
USN-7294-4
USN-7295-1
USN-7305-1
USN-7308-1
USN-7310-1
USN-7331-1
USN-7388-1
USN-7389-1
USN-7390-1
USN-7393-1
USN-7401-1
USN-7402-1
USN-7402-2
USN-7402-3
USN-7402-4
USN-7402-5
USN-7403-1
USN-7413-1
USN-7428-1
USN-7428-2
USN-7429-1
USN-7429-2
USN-7451-1
USN-7458-1
USN-7468-1
USN-7523-1
USN-7524-1
USN-7539-1
USN-7540-1
USN-7720-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu