PT-2024-8449 · Linux+9 · Linux Kernel+9

Published

2024-03-01

·

Updated

2026-05-19

·

CVE-2024-27388

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to a memory leak in the gssx dec option array() function of the SUNRPC component in the Linux kernel. This memory leak can be exploited to cause a denial of service. The creds and oa->data need to be freed in the error-handling paths after their allocation to fix the issue.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Memory Leak

Weakness Enumeration

CWE-401

Related Identifiers

ALSA-2024:5101
ALSA-2024:5102
ALSA-2025_16880
BDU:2024-10009
CESA-2024_5101
CESA-2024_5102
CVE-2024-27388
DLA-3840-1
DLA-3842-1
DSA-5681-1
INFSA-2024_5101
INFSA-2024_5102
OESA-2024-1677
OESA-2024-1678
OESA-2024-1682
RHSA-2024:5101
RHSA-2024:5102
RHSA-2024_5101
RHSA-2024_5102
RLSA-2024:5101
RLSA-2024:5102
RXSA-2024:5101
SUSE-SU-2024:1643-1
SUSE-SU-2024:1646-1
SUSE-SU-2024:1870-1
SUSE-SU-2024:1983-1
SUSE-SU-2024:2008-1
SUSE-SU-2024:2019-1
SUSE-SU-2024:2135-1
SUSE-SU-2024:2184-1
SUSE-SU-2024:2190-1
SUSE-SU-2024:2203-1
SUSE-SU-2024:2973-1
SUSE-SU-2025:0834-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
SUSE-SU-2025:20166-1
SUSE-SU-2025:20249-1
SUSE-SU-2025_0834-1
USN-6816-1
USN-6817-1
USN-6817-2
USN-6817-3
USN-6820-1
USN-6820-2
USN-6821-1
USN-6821-2
USN-6821-3
USN-6821-4
USN-6828-1
USN-6871-1
USN-6878-1
USN-6892-1
USN-6896-1
USN-6896-2
USN-6896-3
USN-6896-4
USN-6896-5
USN-6919-1
USN-8266-1
USN-8267-1
USN-8274-1

Affected Products

Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu