PT-2024-7602 · Linux+7 · Linux Kernel+7

Alex Deucher

+5

·

Published

2024-08-20

·

Updated

2026-05-26

·

CVE-2024-49989

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to a double free problem in the Linux kernel's amdgpu module. Specifically, the link destruct() function in the drivers/gpu/drm/amd/display/dc/link/link factory.c file is vulnerable to repeated freeing of previously freed memory. This could potentially allow an attacker to impact the confidentiality, integrity, and availability of protected information. The vulnerability occurs when unloading the amdgpu module, and it involves the dcn10 link encoder destroy() and link destroy() functions.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Double Free

Weakness Enumeration

CWE-415

Related Identifiers

ALSA-2025_16880
ALT-PU-2024-14046
AZL-51462
BDU:2024-09008
CVE-2024-49989
DLA-4102-1
MGASA-2024-0344
MGASA-2024-0345
OESA-2024-2367
OPENSUSE-SU-2024:14500-1
OPENSUSE-SU-2024_4314-1
OPENSUSE-SU-2024_4315-1
OPENSUSE-SU-2024_4316-1
OPENSUSE-SU-2024_4376-1
OPENSUSE-SU-2025:14705-1
SUSE-SU-2024:4314-1
SUSE-SU-2024:4315-1
SUSE-SU-2024:4316-1
SUSE-SU-2024:4318-1
SUSE-SU-2024:4364-1
SUSE-SU-2024:4376-1
SUSE-SU-2024:4387-1
SUSE-SU-2025:20163-1
SUSE-SU-2025:20164-1
SUSE-SU-2025:20246-1
SUSE-SU-2025:20247-1
USN-7276-1
USN-7277-1
USN-7301-1
USN-7303-1
USN-7303-2
USN-7303-3
USN-7304-1
USN-7310-1
USN-7311-1
USN-7384-1
USN-7384-2
USN-7385-1
USN-7386-1
USN-7403-1
USN-7468-1
USN-7654-1
USN-7654-2
USN-7654-3
USN-7654-4
USN-7654-5
USN-7655-1
USN-7686-1
USN-7711-1
USN-7712-1
USN-7712-2

Affected Products

Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu