PT-2024-8236 · Linux+8 · Linux Kernel+8

Ojaswin Mujoo

·

Published

2024-09-03

·

Updated

2025-09-29

·

CVE-2024-49883

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.58
Description: The issue is related to a use-after-free vulnerability in the ext4 ext insert extent() function. This vulnerability can be exploited to impact the confidentiality, integrity, and availability of protected information. The vulnerability occurs when the path is reallocated in ext4 ext create new leaf(), causing a stale path to be used and resulting in a use-after-free error.
Recommendations: To resolve the issue, update the Linux kernel to version 6.6.58 or later. As a temporary workaround, consider updating the path using *ppath to avoid the use-after-free error in the ext4 ext insert extent() function.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALT-PU-2024-14046
ALT-PU-2024-14270
ALT-PU-2024-14503
ALT-PU-2024-15739
ALT-PU-2024-16172
AZL-51360
BDU:2024-09789
CVE-2024-49883
DLA-4008-1
DLA-4075-1
INFSA-2025_6966
LSN-0114-1
MGASA-2024-0344
MGASA-2024-0345
OESA-2024-2367
OESA-2024-2368
OESA-2024-2369
OESA-2024-2370
OESA-2024-2371
OPENSUSE-SU-2024:14500-1
OPENSUSE-SU-2024_3983-1
OPENSUSE-SU-2024_3984-1
OPENSUSE-SU-2024_3985-1
OPENSUSE-SU-2024_4314-1
OPENSUSE-SU-2025:14705-1
RHSA-2025:6966
RHSA-2025_6966
SUSE-SU-2024:3983-1
SUSE-SU-2024:3984-1
SUSE-SU-2024:3985-1
SUSE-SU-2024:4100-1
SUSE-SU-2024:4314-1
SUSE-SU-2024:4318-1
SUSE-SU-2024:4364-1
SUSE-SU-2024:4387-1
SUSE-SU-2025:0034-1
SUSE-SU-2025:20163-1
SUSE-SU-2025:20164-1
SUSE-SU-2025:20246-1
SUSE-SU-2025:20247-1
USN-7166-1
USN-7166-2
USN-7166-3
USN-7166-4
USN-7186-1
USN-7186-2
USN-7194-1
USN-7276-1
USN-7277-1
USN-7293-1
USN-7294-1
USN-7294-2
USN-7294-3
USN-7294-4
USN-7295-1
USN-7301-1
USN-7303-1
USN-7303-2
USN-7303-3
USN-7304-1
USN-7310-1
USN-7311-1
USN-7384-1
USN-7384-2
USN-7385-1
USN-7386-1
USN-7393-1
USN-7401-1
USN-7403-1
USN-7413-1
USN-7468-1
USN-7539-1
USN-7540-1
USN-7684-1
USN-7684-2
USN-7684-3
USN-7685-1
USN-7685-2
USN-7685-3
USN-7685-4
USN-7685-5

Affected Products

Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu