PT-2024-7689 · Linux+5 · Linux Kernel+5

Guenter Roeck

·

Published

2024-02-08

·

Updated

2025-08-20

·

CVE-2024-26831

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to a memory leak in the Linux kernel's handshake component. The handshake req destroy test1 test started failing after sock release(sock) was replaced with fput(filp) to address the memory leak. The fput(filp) function usually delays the final close and clean-up, which is not consequential in other cases but affects the handshake req destroy test1 test. This test checks that handshake req cancel() followed by closing the file actually calls the ->hp destroy method. The delay in fput(filp) causes the test to fail because it cannot guarantee that the final close is complete before checking the pointer.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

BDU:2024-09135
CVE-2024-26831
SUSE-SU-2025:02249-1
SUSE-SU-2025:02254-1
SUSE-SU-2025:02307-1
SUSE-SU-2025:02333-1
SUSE-SU-2025:02335-1
SUSE-SU-2025:02538-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:20475-1
SUSE-SU-2025:20483-1
SUSE-SU-2025:20493-1
SUSE-SU-2025:20498-1
SUSE-SU-2025_02249-1
SUSE-SU-2025_02254-1
SUSE-SU-2025_02307-1
SUSE-SU-2025_02333-1
SUSE-SU-2025_02335-1
SUSE-SU-2025_02538-1
USN-6895-1
USN-6895-2
USN-6895-3
USN-6895-4
USN-6900-1

Affected Products

Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu