PT-2024-34127 · Linux +11 · Linux Kernel +11
Benoît Sevens · Published 2024-11-18 · Updated 2025-09-07 · CVE-2024-50302
7.8 High
Base vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions:
Linux kernel (affected versions not specified)
Description:
The issue is related to the use of an uninitialized resource in the HID subsystem of the Linux kernel. This could lead to physical information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. The vulnerability has been resolved by zero-initializing the report buffer during allocation to prevent kernel memory leaks via specially-crafted reports. The vulnerability is being actively exploited.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Weakness Enumeration: Use of Uninitialized Resource