PT-2024-36854 · Linux+2 · Linux Kernel+2

Published

2024-11-21

Updated

2025-05-26

CVE-2024-56550

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been identified where the arch stack walk user common() function contains a return statement instead of a break statement in case store ip() fails while trying to store a callchain entry of a user space process. This may lead to a missing pagefault enable() call, causing any subsequent page fault of the process to not be resolved by the page fault handler, resulting in the process being killed.

Recommendations To resolve this issue, use a break instead of a return statement in the arch stack walk user common() function. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

BDU:2026-04528

CVE-2024-56550

USN-7379-1

USN-7379-2

USN-7380-1

USN-7381-1

USN-7382-1

USN-7449-1

USN-7449-2

USN-7450-1

USN-7451-1

USN-7452-1

USN-7453-1

USN-7468-1

USN-7523-1

USN-7524-1

Affected Products

Linuxmint

Linux Kernel

Ubuntu

PT-2024-36854 · Linux+2 · Linux Kernel+2

CVE-2024-56550

Weakness Enumeration

Related Identifiers

Affected Products

References · 987