PT-2024-35582 · Linux+5 · Linux Kernel+5

Published

2024-11-12

Updated

2025-09-29

CVE-2024-53117

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.11.9

Description The issue concerns a memory leak in the Linux kernel, specifically in the virtio/vsock component. It has been resolved by improving the error handling for MSG ZEROCOPY and adding a missing kfree skb() call to prevent memory leaks.

Recommendations For Linux kernel versions prior to 6.11.9, update to version 6.11.9 or later to resolve the issue. As a temporary workaround, consider disabling the virtio/vsock component until a patch is available. Restrict access to the vulnerable component to minimize the risk of exploitation.

Exploit

Fix

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

ALSA-2025_12746

ALSA-2025_12752

ALSA-2025_12753

ALSA-2025_16880

ALT-PU-2024-17211

BDU:2025-15057

CVE-2024-53117

INFSA-2025_6966

OPENSUSE-SU-2025_0117-1

OPENSUSE-SU-2025_0153-1

OPENSUSE-SU-2025_0154-1

RHSA-2025:6966

RHSA-2025_6966

SUSE-SU-2025:0117-1

SUSE-SU-2025:0153-1

SUSE-SU-2025:0154-1

SUSE-SU-2025:0289-1

SUSE-SU-2025:20165-1

SUSE-SU-2025:20166-1

SUSE-SU-2025:20248-1

SUSE-SU-2025:20249-1

USN-7276-1

USN-7277-1

USN-7310-1

USN-7449-1

USN-7449-2

USN-7450-1

USN-7451-1

USN-7452-1

USN-7453-1

USN-7468-1

USN-7523-1

USN-7524-1

Affected Products

Alt Linux

Linuxmint

Linux Kernel

Red Hat

Suse

Ubuntu

PT-2024-35582 · Linux+5 · Linux Kernel+5

CVE-2024-53117

Weakness Enumeration

Related Identifiers

Affected Products

References · 2492