PT-2024-35592 · Linux+5 · Linux Kernel+5

Christophe Jaillet · Published 2024-11-06 · Updated 2025-10-03 · CVE-2024-53126

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Linux Kernel versions prior to 6.6.65

Description

A bug in the Linux kernel has been resolved in the vdpa: solidrun module. In the psnet_open_pf_bar() and snet_open_vf_bar() functions, a string is placed on the stack and then passed to pcim_iomap_regions(). Neither pcim_iomap_regions() nor the functions it calls copy the string, so any later use of the string is undefined behavior: by then the stack frame that held it no longer exists. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited.

Recommendations

For Linux Kernel versions prior to 6.6.65, update to version 6.6.65 or later to resolve the issue. As a temporary workaround, consider allocating strings on the heap through devm_kasprintf() instead of placing them on the stack to prevent undefined behavior.
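The lifetime problem in the description, and the heap-allocation remedy in the recommendations, shown as a user-space model. This is an added example, not the kernel's code: request_region_model() stands in for pcim_iomap_regions(), dev_model and dev_bar_name() stand in for a device and devm_kasprintf(), and the "demo-bar-%d" name format is constructed.

```c
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed model: like pcim_iomap_regions() as the advisory describes it,
 * this keeps the caller's name pointer and never copies the string. */
struct region { const char *name; };
static void request_region_model(struct region *r, const char *name) { r->name = name; }
/* Constructed devm-like owner: its strings live until dev_release(). */
struct dev_model { char *owned[4]; size_t n; };
static void dev_release(struct dev_model *d) { while (d->n) free(d->owned[--d->n]); }

static char *dev_bar_name(struct dev_model *d, int bar)
{
    int len = snprintf(NULL, 0, "demo-bar-%d", bar);   /* constructed format */
    char *s = (len < 0 || d->n >= 4) ? NULL : malloc((size_t)len + 1);
    if (!s) return NULL;
    snprintf(s, (size_t)len + 1, "demo-bar-%d", bar);
    return d->owned[d->n++] = s;                       /* owner frees it later */
}

/* Pre-fix pattern: the name is a local array. Returns true when the table
 * holds a pointer into this frame. The pointer is cleared before returning
 * so the demo never reads dead stack; the driver had no such step. */
static bool open_bar_stack(struct region *r, int bar)
{
    char name[32];
    snprintf(name, sizeof(name), "demo-bar-%d", bar);
    request_region_model(r, name);
    bool borrowed = (r->name == name);
    r->name = NULL;
    return borrowed;
}

/* Fixed pattern: the name is owned by the device, so it outlives this call. */
static int open_bar_heap(struct dev_model *d, struct region *r, int bar)
{
    char *name = dev_bar_name(d, bar);
    if (!name) return -1;                              /* allocation failed */
    request_region_model(r, name);
    return 0;
}

int main(void)
{
    struct dev_model d = {0}; struct region r = {0};
    printf("stack name borrowed: %d\n", open_bar_stack(&r, 0));
    if (open_bar_heap(&d, &r, 2) == 0) printf("heap name after return: %s\n", r.name);
    dev_release(&d);
}
```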

Exploit

Fix

Double Free


Weakness Enumeration

Related Identifiers

ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALT-PU-2024-17888
ALT-PU-2025-12647
AZL-54129
BDU:2025-03159
CVE-2024-53126
MGASA-2024-0392
MGASA-2024-0393
OESA-2025-1032
OESA-2025-1036
OPENSUSE-SU-2025_0117-1
OPENSUSE-SU-2025_0153-1
OPENSUSE-SU-2025_0154-1
SUSE-SU-2025:0117-1
SUSE-SU-2025:0153-1
SUSE-SU-2025:0154-1
SUSE-SU-2025:0289-1
SUSE-SU-2025:20165-1
SUSE-SU-2025:20166-1
SUSE-SU-2025:20248-1
SUSE-SU-2025:20249-1
USN-7276-1
USN-7277-1
USN-7310-1
USN-7449-1
USN-7449-2
USN-7450-1
USN-7451-1
USN-7452-1
USN-7453-1
USN-7468-1
USN-7523-1
USN-7524-1

Affected Products

Alt Linux
Linux Kernel
Linuxmint
Red Os
Suse
Ubuntu