PT-2024-3427 · Linux+5 · Linux Kernel+5
Published
2024-04-02
·
Updated
2025-09-29
·
CVE-2024-26817
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions:
Linux kernel versions prior to 6.8.5
Description:
The issue is related to an integer overflow in the
kfd ioctl get process apertures new() function in the amdkfd module of the Linux kernel. This overflow can be exploited to cause a denial of service. The vulnerability is resolved by using calloc instead of kzalloc to avoid the integer overflow.Recommendations:
For Linux kernel versions prior to 6.8.5, upgrade the kernel to a patched version to resolve the issue. Additionally, audit systems using affected versions for signs of exploit and ensure strong network segmentation to limit the local attack surface. As a temporary workaround, consider restricting access to the
amdkfd module until a patch is available.Exploit
Fix
Integer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu