PT-2024-8534 · Linux+4 · Linux Kernel+4

Published: 2024-10-28 · Updated: 2025-06-09 · CVE-2024-50228

CVSS v3.1: 7.0 High

Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.6.61

Description

The issue is a data race in the shmem_getattr() function in the Linux kernel's shared memory subsystem. shmem_getattr() calls generic_fillattr() without any locking that protects the inode, so the attribute read can race with functions that modify the inode, such as shmem_unlink() or shmem_mknod(). This can produce unexpected results.

Recommendations

For Linux kernel versions prior to 6.6.61, update to version 6.6.61 or later to resolve the issue. As a temporary workaround, consider applying patches that protect the inode with inode_lock_shared() and inode_unlock_shared() around the generic_fillattr() call in shmem_getattr() to prevent data races.

Fix

Race Condition


Weakness Enumeration

Related Identifiers

ALT-PU-2024-15739
BDU:2024-10101
CVE-2024-50228
DSA-5818-1
INFSA-2025_6966
MGASA-2024-0368
MGASA-2024-0369
OPENSUSE-SU-2024:14500-1
OPENSUSE-SU-2024_4314-1
OPENSUSE-SU-2024_4316-1
OPENSUSE-SU-2025:14705-1
OPENSUSE-SU-2025_0117-1
OPENSUSE-SU-2025_0153-1
OPENSUSE-SU-2025_0154-1
RHSA-2025:6966
RHSA-2025_6966
SUSE-SU-2024:4314-1
SUSE-SU-2024:4316-1
SUSE-SU-2025:0117-1
SUSE-SU-2025:0153-1
SUSE-SU-2025:0154-1
SUSE-SU-2025:0236-1
SUSE-SU-2025:0289-1
SUSE-SU-2025:20163-1
SUSE-SU-2025:20164-1
SUSE-SU-2025:20165-1
SUSE-SU-2025:20166-1
SUSE-SU-2025:20246-1
SUSE-SU-2025:20247-1
SUSE-SU-2025:20248-1
SUSE-SU-2025:20249-1
SUSE-SU-2025_0236-1

Affected Products

Alt Linux
Linux Kernel
Red Hat
Red Os
Suse