PT-2024-7901 · Linux+9 · Linux Kernel+9

Published

2024-02-22

·

Updated

2026-02-21

·

CVE-2024-26973

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The vulnerability is related to the fat component of the Linux kernel and is caused by the function fat encode fh nostale() not properly initializing the full handle length, potentially leading to the leak of uninitialized information to userspace. This could allow an attacker to access confidential information.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use of Uninitialized Resource

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-908CWE-200

Related Identifiers

ALSA-2024:3618
ALSA-2024:3627
ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
AZL-40458
BDU:2024-09405
CESA-2024_3618
CESA-2024_3627
CVE-2024-26973
DLA-3840-1
DLA-3842-1
DSA-5681-1
INFSA-2024_3618
INFSA-2024_3627
INFSA-2024_9315
OPENSUSE-SU-2024_2372-1
OPENSUSE-SU-2024_2394-1
RHSA-2024:3618
RHSA-2024:3627
RHSA-2024:9315
RHSA-2024_3618
RHSA-2024_3627
RHSA-2024_9315
RHSA-2025:8248
RLSA-2024:3618
RLSA-2024:3627
SUSE-SU-2024:2135-1
SUSE-SU-2024:2203-1
SUSE-SU-2024:2360-1
SUSE-SU-2024:2372-1
SUSE-SU-2024:2381-1
SUSE-SU-2024:2394-1
SUSE-SU-2024:2561-1
SUSE-SU-2024:2939-1
SUSE-SU-2024:2973-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
SUSE-SU-2025:20166-1
SUSE-SU-2025:20249-1
USN-6816-1
USN-6817-1
USN-6817-2
USN-6817-3
USN-6878-1
USN-6896-1
USN-6896-2
USN-6896-3
USN-6896-4
USN-6896-5
USN-6898-1
USN-6898-2
USN-6898-3
USN-6898-4
USN-6917-1
USN-6919-1
USN-6927-1
USN-7019-1

Affected Products

Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu