PT-2024-9953 · Linux+7 · Linux Kernel+7

Ming-Hung Tsai

·

Published

2024-10-21

·

Updated

2026-05-26

·

CVE-2024-50280

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: The issue is related to the dm cache component of the Linux kernel, specifically with the flush work() function. It may cause an unexpected WARN ON when cache creation fails due to the destruction of an uninitialized delayed work waker in the error path of cache create(). This can occur, for example, on a superblock checksum error. The problem is associated with the use of memory after it has been freed, which could potentially allow an attacker to cause a denial of service.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Improper Locking

Use After Free

Weakness Enumeration

CWE-667CWE-416

Related Identifiers

ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALT-PU-2025-12647
BDU:2025-00065
CVE-2024-50280
DLA-4008-1
DLA-4178-1
DSA-5818-1
OESA-2024-2590
OESA-2025-1095
OESA-2025-1096
OPENSUSE-SU-2025_0117-1
OPENSUSE-SU-2025_0153-1
OPENSUSE-SU-2025_0154-1
OPENSUSE-SU-2025_0201-1
OPENSUSE-SU-2025_0229-1
SUSE-SU-2025:0117-1
SUSE-SU-2025:0153-1
SUSE-SU-2025:0154-1
SUSE-SU-2025:0201-1
SUSE-SU-2025:0201-2
SUSE-SU-2025:0229-1
SUSE-SU-2025:0236-1
SUSE-SU-2025:0289-1
SUSE-SU-2025:20165-1
SUSE-SU-2025:20166-1
SUSE-SU-2025:20248-1
SUSE-SU-2025:20249-1
SUSE-SU-2025_0201-1
SUSE-SU-2025_0201-2
SUSE-SU-2025_0236-1
USN-7276-1
USN-7277-1
USN-7310-1
USN-7449-1
USN-7449-2
USN-7450-1
USN-7451-1
USN-7452-1
USN-7453-1
USN-7468-1
USN-7523-1
USN-7524-1
USN-7654-1
USN-7654-2
USN-7654-3
USN-7654-4
USN-7654-5
USN-7655-1
USN-7686-1
USN-7711-1
USN-7712-1
USN-7712-2

Affected Products

Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu