PT-2024-34128 · Linux+3 · Linux Kernel+3

Gregory Price

Published

2024-10-28

Updated

2025-09-29

CVE-2024-50303

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A vulnerability in the Linux kernel has been resolved, where the walk system ram res rev function erroneously discards resource flags when passing information to the callback. This causes systems with IORESOURCE SYSRAM DRIVER MANAGED memory to have these resources selected during kexec to store kexec buffers if that memory happens to be placed above normal system ram. This leads to undefined behavior after reboot, potentially causing system crashes or undefined behavior if the kexec buffer is touched.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-99

Related Identifiers

ALSA-2025_16880

ALT-PU-2024-17211

BDU:2025-14148

CVE-2024-50303

USN-7276-1

USN-7277-1

USN-7310-1

USN-7449-1

USN-7449-2

USN-7450-1

USN-7451-1

USN-7452-1

USN-7453-1

USN-7468-1

USN-7523-1

USN-7524-1

Affected Products

Alt Linux

Linuxmint

Linux Kernel

Ubuntu

PT-2024-34128 · Linux+3 · Linux Kernel+3

CVE-2024-50303

Weakness Enumeration

Related Identifiers

Affected Products

References · 1087