PT-2024-8511 · Linux+9 · Linux Kernel+9

Published

2024-04-24

·

Updated

2025-09-29

·

CVE-2024-35852

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A memory leak vulnerability has been identified in the Linux kernel, specifically in the mlxsw spectrum acl tcam component. The issue arises when the rehash delayed work is canceled while pending, leading to the leakage of hints that were allocated during the migration process. This vulnerability can be exploited to cause a denial of service. The vulnerability is resolved by freeing the hints associated with a work that was canceled while pending.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

ALSA-2024:4211
ALSA-2024:4352
ALSA-2024:5363
ALSA-2025_16880
AZL-42139
BDU:2024-10071
CESA-2024_4211
CESA-2024_4352
CVE-2024-35852
DLA-3842-1
INFSA-2024_4211
INFSA-2024_4352
INFSA-2024_5363
MGASA-2024-0263
MGASA-2024-0266
RHSA-2024:4211
RHSA-2024:4352
RHSA-2024:5255
RHSA-2024:5281
RHSA-2024:5363
RHSA-2024:5364
RHSA-2024:5365
RHSA-2024_4211
RHSA-2024_4352
RHSA-2024_5363
RLSA-2024:4211
RLSA-2024:4352
RLSA-2024:5363
RXSA-2024:4211
SUSE-SU-2024:2008-1
SUSE-SU-2024:2019-1
SUSE-SU-2024:2135-1
SUSE-SU-2024:2190-1
SUSE-SU-2024:2203-1
SUSE-SU-2024:2973-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
USN-6896-1
USN-6896-2
USN-6896-3
USN-6896-4
USN-6896-5
USN-6898-1
USN-6898-2
USN-6898-3
USN-6898-4
USN-6917-1
USN-6919-1
USN-6927-1
USN-6949-1
USN-6949-2
USN-6952-1
USN-6952-2
USN-6955-1
USN-7019-1

Affected Products

Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu