PT-2025-3134 · Linux+3 · Linux Kernel+3

Published

2024-12-08

Updated

2025-05-29

CVE-2024-55639

CVSS v2.0

6.0

Medium

Vector

AV:L/AC:H/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74

Description A vulnerability in the Linux kernel has been resolved, related to the use of a device tree node in the rswitch device structure. The issue arises from passing the node to of node put() after its first use, which is incorrect because the node is used at several driver locations. To fix this, of node put() for the node is moved to exit paths.

Recommendations For versions prior to 6.6.74, update to version 6.6.74 or later to resolve the issue. As a temporary workaround, consider modifying the driver to avoid the use-after-put condition by moving of node put() to exit paths, similar to the fix applied in version 6.6.74.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

BDU:2025-07752

CVE-2024-55639

MGASA-2025-0030

MGASA-2025-0032

OESA-2025-1078

OESA-2025-1079

OPENSUSE-SU-2025_0428-1

OPENSUSE-SU-2025_0499-1

OPENSUSE-SU-2025_0557-1

SUSE-SU-2025:0289-1

SUSE-SU-2025:0428-1

SUSE-SU-2025:0499-1

SUSE-SU-2025:0557-1

SUSE-SU-2025:20165-1

SUSE-SU-2025:20166-1

SUSE-SU-2025:20248-1

SUSE-SU-2025:20249-1

SUSE-SU-2025_0428-1

SUSE-SU-2025_0499-1

SUSE-SU-2025_0557-1

USN-7379-1

USN-7379-2

USN-7380-1

USN-7381-1

USN-7382-1

USN-7513-1

USN-7513-2

USN-7513-3

USN-7513-4

USN-7513-5

USN-7514-1

USN-7515-1

USN-7515-2

USN-7522-1

USN-7523-1

USN-7524-1

Affected Products

Linuxmint

Linux Kernel

Suse

Ubuntu

PT-2025-3134 · Linux+3 · Linux Kernel+3

CVE-2024-55639

Weakness Enumeration

Related Identifiers

Affected Products

References · 2416