PT-2024-3467 · Linux+4 · Linux Kernel+4

Jann Horn

Published

2024-02-23

Updated

2025-09-29

CVE-2024-26630

CVSS v3.1

7.1

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to a read-after-free vulnerability in the cachestat function of the Linux kernel's memory management subsystem. This vulnerability can be exploited by accessing a folio from the page cache's xarray without holding a reference to it, allowing the folio to be concurrently released and reused. The vulnerability affects the computation of page offsets and the checking of dirty and writeback flags. The issue changes the behavior of tmpfs files, which will now always report zeroes in their dirty and writeback counters.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2024:6567

ALSA-2025_16880

BDU:2024-03757

CVE-2024-26630

INFSA-2024_6567

RHSA-2024:6567

RHSA-2024_6567

RLSA-2024:6567

RXSA-2024:6567

Affected Products

Almalinux

Linux Kernel

Red Hat

Red Os

Rocky Linux

PT-2024-3467 · Linux+4 · Linux Kernel+4

CVE-2024-26630

Weakness Enumeration

Related Identifiers

Affected Products

References · 117