PT-2024-7071 · Linux+6 · Linux Kernel+6
Syzbot
·
Published
2024-07-06
·
Updated
2025-09-29
·
CVE-2024-41059
CVSS v3.1
7.1
High
| Base vector | Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The vulnerability is related to the use of uninitialized memory in the hfsplus module of the Linux kernel. This issue can potentially impact the confidentiality and availability of protected information. The vulnerability is caused by the function
hfsplus listxattr() in the file fs/hfsplus/xattr.c. When allocating memory to strbuf, the memory is not initialized to zero, which can lead to unexpected behavior. The vulnerability can be exploited by an attacker to gain unauthorized access to sensitive information.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Use of Uninitialized Resource
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
ALSA-2025_16880
ALT-PU-2024-10465
ALT-PU-2024-11855
ALT-PU-2024-11863
ALT-PU-2024-12537
ALT-PU-2024-13121
ALT-PU-2024-13979
ALT-PU-2024-14046
BDU:2024-08329
CVE-2024-41059
DLA-4008-1
DSA-5747-1
MGASA-2024-0277
MGASA-2024-0278
OESA-2024-1996
OESA-2024-2076
OESA-2024-2077
OESA-2024-2078
OESA-2024-2185
OPENSUSE-SU-2024_2947-1
OPENSUSE-SU-2024_2948-1
OPENSUSE-SU-2024_3623-1
OPENSUSE-SU-2024_3624-1
OPENSUSE-SU-2024_3625-1
OPENSUSE-SU-2024_3627-1
OPENSUSE-SU-2024_3631-1
OPENSUSE-SU-2024_3632-1
OPENSUSE-SU-2024_3635-1
OPENSUSE-SU-2024_3636-1
OPENSUSE-SU-2024_3638-1
OPENSUSE-SU-2024_3639-1
OPENSUSE-SU-2024_3643-1
OPENSUSE-SU-2024_3648-1
OPENSUSE-SU-2024_3651-1
OPENSUSE-SU-2024_3652-1
OPENSUSE-SU-2024_3655-1
OPENSUSE-SU-2024_3661-1
OPENSUSE-SU-2024_3670-1
OPENSUSE-SU-2024_3672-1
OPENSUSE-SU-2024_3679-1
OPENSUSE-SU-2024_3685-1
OPENSUSE-SU-2024_3690-1
OPENSUSE-SU-2024_3694-1
OPENSUSE-SU-2024_3695-1
OPENSUSE-SU-2024_3696-1
OPENSUSE-SU-2024_3697-1
OPENSUSE-SU-2024_3700-1
OPENSUSE-SU-2024_3701-1
OPENSUSE-SU-2024_3702-1
OPENSUSE-SU-2024_3704-1
OPENSUSE-SU-2024_3706-1
OPENSUSE-SU-2024_3707-1
OPENSUSE-SU-2024_3710-1
OPENSUSE-SU-2024_3774-1
OPENSUSE-SU-2024_3779-1
OPENSUSE-SU-2024_3780-1
OPENSUSE-SU-2024_3793-1
OPENSUSE-SU-2024_3798-1
OPENSUSE-SU-2024_3806-1
OPENSUSE-SU-2024_3814-1
OPENSUSE-SU-2024_3815-1
OPENSUSE-SU-2024_3829-1
OPENSUSE-SU-2024_3830-1
OPENSUSE-SU-2024_3831-1
OPENSUSE-SU-2024_3833-1
OPENSUSE-SU-2024_3836-1
OPENSUSE-SU-2024_3837-1
OPENSUSE-SU-2024_3840-1
OPENSUSE-SU-2024_3842-1
OPENSUSE-SU-2024_3851-1
OPENSUSE-SU-2024_3852-1
OPENSUSE-SU-2024_3854-1
OPENSUSE-SU-2024_3855-1
OPENSUSE-SU-2024_3856-1
OPENSUSE-SU-2024_3857-1
OPENSUSE-SU-2024_3860-1
OPENSUSE-SU-2024_4122-1
OPENSUSE-SU-2024_4123-1
OPENSUSE-SU-2024_4124-1
OPENSUSE-SU-2024_4125-1
OPENSUSE-SU-2024_4127-1
OPENSUSE-SU-2024_4128-1
OPENSUSE-SU-2024_4161-1
OPENSUSE-SU-2024_4180-1
OPENSUSE-SU-2024_4207-1
OPENSUSE-SU-2024_4214-1
OPENSUSE-SU-2024_4216-1
OPENSUSE-SU-2024_4218-1
OPENSUSE-SU-2024_4228-1
OPENSUSE-SU-2024_4234-1
OPENSUSE-SU-2024_4235-1
OPENSUSE-SU-2024_4236-1
OPENSUSE-SU-2024_4243-1
OPENSUSE-SU-2024_4246-1
OPENSUSE-SU-2024_4256-1
OPENSUSE-SU-2024_4262-1
OPENSUSE-SU-2024_4264-1
OPENSUSE-SU-2024_4266-1
OPENSUSE-SU-2024_4275-1
OPENSUSE-SU-2025_0101-1
OPENSUSE-SU-2025_0105-1
OPENSUSE-SU-2025_0106-1
OPENSUSE-SU-2025_0107-1
OPENSUSE-SU-2025_0109-1
OPENSUSE-SU-2025_0110-1
OPENSUSE-SU-2025_0111-1
OPENSUSE-SU-2025_0114-1
OPENSUSE-SU-2025_0115-1
OPENSUSE-SU-2025_0124-1
OPENSUSE-SU-2025_0131-1
OPENSUSE-SU-2025_0137-1
OPENSUSE-SU-2025_0138-1
OPENSUSE-SU-2025_0146-1
OPENSUSE-SU-2025_0150-1
OPENSUSE-SU-2025_0158-1
OPENSUSE-SU-2025_0164-1
OPENSUSE-SU-2025_0238-1
OPENSUSE-SU-2025_0239-1
OPENSUSE-SU-2025_0240-1
OPENSUSE-SU-2025_0243-1
OPENSUSE-SU-2025_0244-1
OPENSUSE-SU-2025_0248-1
OPENSUSE-SU-2025_0249-1
OPENSUSE-SU-2025_0251-1
OPENSUSE-SU-2025_0252-1
OPENSUSE-SU-2025_0253-1
OPENSUSE-SU-2025_0254-1
OPENSUSE-SU-2025_0260-1
OPENSUSE-SU-2025_0261-1
OPENSUSE-SU-2025_0264-1
OPENSUSE-SU-2025_0266-1
SUSE-SU-2024:2892-1
SUSE-SU-2024:2893-1
SUSE-SU-2024:2894-1
SUSE-SU-2024:2901-1
SUSE-SU-2024:2902-1
SUSE-SU-2024:2923-1
SUSE-SU-2024:2929-1
SUSE-SU-2024:2939-1
SUSE-SU-2024:2940-1
SUSE-SU-2024:2947-1
SUSE-SU-2024:2948-1
SUSE-SU-2024:3194-1
SUSE-SU-2024:3195-1
SUSE-SU-2024:3383-1
SUSE-SU-2024:3623-1
SUSE-SU-2024:3624-1
SUSE-SU-2024:3625-1
SUSE-SU-2024:3627-1
SUSE-SU-2024:3631-1
SUSE-SU-2024:3632-1
SUSE-SU-2024:3635-1
SUSE-SU-2024:3636-1
SUSE-SU-2024:3638-1
SUSE-SU-2024:3639-1
SUSE-SU-2024:3640-1
SUSE-SU-2024:3641-1
SUSE-SU-2024:3642-1
SUSE-SU-2024:3643-1
SUSE-SU-2024:3648-1
SUSE-SU-2024:3649-1
SUSE-SU-2024:3651-1
SUSE-SU-2024:3652-1
SUSE-SU-2024:3655-1
SUSE-SU-2024:3660-1
SUSE-SU-2024:3661-1
SUSE-SU-2024:3662-1
SUSE-SU-2024:3663-1
SUSE-SU-2024:3670-1
SUSE-SU-2024:3672-1
SUSE-SU-2024:3674-1
SUSE-SU-2024:3676-1
SUSE-SU-2024:3679-1
SUSE-SU-2024:3685-1
SUSE-SU-2024:3687-1
SUSE-SU-2024:3690-1
SUSE-SU-2024:3694-1
SUSE-SU-2024:3695-1
SUSE-SU-2024:3696-1
SUSE-SU-2024:3697-1
SUSE-SU-2024:3698-1
SUSE-SU-2024:3700-1
SUSE-SU-2024:3701-1
SUSE-SU-2024:3702-1
SUSE-SU-2024:3704-1
SUSE-SU-2024:3706-1
SUSE-SU-2024:3707-1
SUSE-SU-2024:3710-1
SUSE-SU-2024:3768-1
SUSE-SU-2024:3774-1
SUSE-SU-2024:3779-1
SUSE-SU-2024:3780-1
SUSE-SU-2024:3793-1
SUSE-SU-2024:3796-1
SUSE-SU-2024:3798-1
SUSE-SU-2024:3800-1
SUSE-SU-2024:3803-1
SUSE-SU-2024:3806-1
SUSE-SU-2024:3814-1
SUSE-SU-2024:3815-1
SUSE-SU-2024:3820-1
SUSE-SU-2024:3821-1
SUSE-SU-2024:3822-1
SUSE-SU-2024:3829-1
SUSE-SU-2024:3830-1
SUSE-SU-2024:3831-1
SUSE-SU-2024:3833-1
SUSE-SU-2024:3836-1
SUSE-SU-2024:3837-1
SUSE-SU-2024:3840-1
SUSE-SU-2024:3842-1
SUSE-SU-2024:3849-1
SUSE-SU-2024:3851-1
SUSE-SU-2024:3852-1
SUSE-SU-2024:3854-1
SUSE-SU-2024:3855-1
SUSE-SU-2024:3856-1
SUSE-SU-2024:3857-1
SUSE-SU-2024:3860-1
SUSE-SU-2024:4122-1
SUSE-SU-2024:4123-1
SUSE-SU-2024:4124-1
SUSE-SU-2024:4125-1
SUSE-SU-2024:4127-1
SUSE-SU-2024:4128-1
SUSE-SU-2024:4161-1
SUSE-SU-2024:4180-1
SUSE-SU-2024:4197-1
SUSE-SU-2024:4207-1
SUSE-SU-2024:4214-1
SUSE-SU-2024:4216-1
SUSE-SU-2024:4218-1
SUSE-SU-2024:4219-1
SUSE-SU-2024:4226-1
SUSE-SU-2024:4228-1
SUSE-SU-2024:4231-1
SUSE-SU-2024:4234-1
SUSE-SU-2024:4235-1
SUSE-SU-2024:4236-1
SUSE-SU-2024:4242-1
SUSE-SU-2024:4243-1
SUSE-SU-2024:4246-1
SUSE-SU-2024:4248-1
SUSE-SU-2024:4249-1
SUSE-SU-2024:4250-1
SUSE-SU-2024:4256-1
SUSE-SU-2024:4262-1
SUSE-SU-2024:4263-1
SUSE-SU-2024:4264-1
SUSE-SU-2024:4266-1
SUSE-SU-2024:4275-1
SUSE-SU-2025:0089-1
SUSE-SU-2025:0091-1
SUSE-SU-2025:0097-1
SUSE-SU-2025:0101-1
SUSE-SU-2025:0103-1
SUSE-SU-2025:0105-1
SUSE-SU-2025:0106-1
SUSE-SU-2025:0107-1
SUSE-SU-2025:0109-1
SUSE-SU-2025:0110-1
SUSE-SU-2025:0111-1
SUSE-SU-2025:0114-1
SUSE-SU-2025:0115-1
SUSE-SU-2025:0124-1
SUSE-SU-2025:0131-1
SUSE-SU-2025:0137-1
SUSE-SU-2025:0138-1
SUSE-SU-2025:0146-1
SUSE-SU-2025:0150-1
SUSE-SU-2025:0158-1
SUSE-SU-2025:0164-1
SUSE-SU-2025:0238-1
SUSE-SU-2025:0239-1
SUSE-SU-2025:0240-1
SUSE-SU-2025:0243-1
SUSE-SU-2025:0244-1
SUSE-SU-2025:0248-1
SUSE-SU-2025:0249-1
SUSE-SU-2025:0251-1
SUSE-SU-2025:0252-1
SUSE-SU-2025:0253-1
SUSE-SU-2025:0254-1
SUSE-SU-2025:0260-1
SUSE-SU-2025:0261-1
SUSE-SU-2025:0264-1
SUSE-SU-2025:0266-1
SUSE-SU-2025:20044-1
SUSE-SU-2025:20047-1
USN-7088-1
USN-7088-2
USN-7088-3
USN-7088-4
USN-7088-5
USN-7089-1
USN-7089-2
USN-7089-3
USN-7089-4
USN-7089-5
USN-7089-6
USN-7089-7
USN-7090-1
USN-7095-1
USN-7100-1
USN-7100-2
USN-7119-1
USN-7121-1
USN-7121-2
USN-7121-3
USN-7123-1
USN-7144-1
USN-7148-1
USN-7156-1
USN-7194-1
Affected Products
Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu
References · 3536
- 🔥 https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/41xxx/CVE-2024-41059.json⭐ 2376 🔗 543 · Exploit
- https://ubuntu.com/security/CVE-2024-36893 · Vendor Advisory
- https://osv.dev/vulnerability/SUSE-SU-2024:4266-1 · Vendor Advisory
- https://ubuntu.com/security/notices/USN-7148-1 · Vendor Advisory
- https://ubuntu.com/security/CVE-2024-49907 · Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2024-42305 · Security Note
- https://ubuntu.com/security/CVE-2024-43884 · Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2024-39504 · Security Note
- https://ubuntu.com/security/CVE-2024-46803 · Vendor Advisory
- https://ubuntu.com/security/CVE-2024-41087 · Vendor Advisory
- https://ubuntu.com/security/CVE-2024-46835 · Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2024-41087 · Security Note
- https://nvd.nist.gov/vuln/detail/CVE-2022-48828 · Security Note
- https://ubuntu.com/security/CVE-2024-46751 · Vendor Advisory
- https://osv.dev/vulnerability/USN-7121-3 · Vendor Advisory