PT-2024-5407 · Linux+6 · Linux Kernel+6

Published

2024-05-23

·

Updated

2025-09-29

·

CVE-2024-39277

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.37
Description The issue is related to the do map benchmark() function in the Linux kernel, which can cause an array-index-out-of-bounds error when cpumask of node() is called for NUMA NO NODE inside do map benchmark(). This results in a sanitizer report indicating an index out of range for type 'cpumask [64][1]'. The error occurs when binding a kernel thread to a cpuset of a particular node, and the provided node id is checked inside map benchmark ioctl(). The NUMA NO NODE case is not handled properly later, leading to the error.
Recommendations To resolve the issue, update the Linux kernel to version 6.6.37 or later. As a temporary workaround, consider disabling the do map benchmark() function until a patch is available. Restrict access to the vulnerable map benchmark ioctl() API endpoint to minimize the risk of exploitation. Avoid using the cpumask of node() function with NUMA NO NODE until the issue is resolved.

Exploit

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALSA-2025_16880
ALT-PU-2024-10855
ALT-PU-2024-11524
ALT-PU-2024-13979
ALT-PU-2024-14046
AZL-42838
AZL-42844
BDU:2024-06051
CVE-2024-39277
MGASA-2024-0263
MGASA-2024-0266
SUSE-SU-2024:2571-1
SUSE-SU-2024:2896-1
SUSE-SU-2024:2973-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
USN-6999-1
USN-6999-2
USN-7004-1
USN-7005-1
USN-7005-2
USN-7007-1
USN-7007-2
USN-7007-3
USN-7008-1
USN-7009-1
USN-7009-2
USN-7019-1
USN-7029-1

Affected Products

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu