PT-2024-7194 · Linux+6 · Linux Kernel+6

Published

2024-06-26

·

Updated

2025-09-29

·

CVE-2024-43858

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.50
Description The issue is related to an array-index-out-of-bounds vulnerability in the diFree function of the jfs file system in the Linux kernel. This vulnerability is associated with accessing memory beyond the allocated buffer, which could allow an attacker to impact the confidentiality, integrity, and availability of protected information.
Recommendations To resolve the issue, update the Linux kernel to version 6.6.50 or later. As a temporary workaround, consider restricting access to the jfs file system until the update is applied.

Exploit

Fix

Improper Validation of Array Index

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-129

Related Identifiers

ALSA-2025_16880
ALT-PU-2024-11345
ALT-PU-2024-11524
ALT-PU-2024-11577
ALT-PU-2024-11855
ALT-PU-2024-11863
ALT-PU-2024-12232
ALT-PU-2024-12537
ALT-PU-2024-13121
ALT-PU-2024-13979
ALT-PU-2024-14046
AZL-47953
AZL-48006
BDU:2024-08533
CVE-2024-43858
DLA-3912-1
DLA-4008-1
MGASA-2024-0309
MGASA-2024-0310
OESA-2024-2122
OESA-2024-2321
OESA-2024-2322
OESA-2024-2324
OESA-2024-2325
OPENSUSE-SU-2024_3190-1
OPENSUSE-SU-2024_3209-1
OPENSUSE-SU-2024_3483-1
SUSE-SU-2024:3190-1
SUSE-SU-2024:3194-1
SUSE-SU-2024:3195-1
SUSE-SU-2024:3209-1
SUSE-SU-2024:3383-1
SUSE-SU-2024:3483-1
SUSE-SU-2025:20044-1
SUSE-SU-2025:20047-1
USN-7069-1
USN-7069-2
USN-7088-1
USN-7088-2
USN-7088-3
USN-7088-4
USN-7088-5
USN-7089-1
USN-7089-2
USN-7089-3
USN-7089-4
USN-7089-5
USN-7089-6
USN-7089-7
USN-7090-1
USN-7095-1
USN-7100-1
USN-7100-2
USN-7110-1
USN-7119-1
USN-7123-1
USN-7144-1
USN-7156-1
USN-7194-1

Affected Products

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu