PT-2025-3625 · Linux+7 · Linux Kernel+7

Syzbot

·

Published

2025-01-02

·

Updated

2026-03-13

·

CVE-2024-57900

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74
Description A race condition was found in the Linux kernel's ila add mapping() function, which could lead to a slab-use-after-free error. This issue was discovered by syzbot and is related to concurrent ILA CMD ADD commands. To fix this, a mutex was added to ensure that only one thread can call nf register net hooks() at a time. The vulnerability is related to the nf register net hooks() function and the ila add mapping() function.
Recommendations To resolve this issue, update the Linux kernel to version 6.6.74 or later. As a temporary workaround, consider disabling the ila add mapping() function until a patch is available. Restrict access to the vulnerable nf register net hooks() function to minimize the risk of exploitation. Avoid using the ILA CMD ADD command in the affected API endpoint until the issue is resolved.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALT-PU-2025-1057
ALT-PU-2025-12647
ALT-PU-2025-1879
ALT-PU-2025-1925
ALT-PU-2025-3483
ALT-PU-2025-3507
ALT-PU-2025-5437
BDU:2025-02845
CVE-2024-57900
DLA-4075-1
DLA-4076-1
ECHO-7C5C-C702-4642
MGASA-2025-0030
MGASA-2025-0032
OESA-2025-1158
OESA-2025-1162
OPENSUSE-SU-2025_1177-1
OPENSUSE-SU-2025_1178-1
OPENSUSE-SU-2025_1180-1
SUSE-SU-2025:01919-1
SUSE-SU-2025:01951-1
SUSE-SU-2025:01967-1
SUSE-SU-2025:1177-1
SUSE-SU-2025:1178-1
SUSE-SU-2025:1180-1
SUSE-SU-2025:1293-1
SUSE-SU-2025:20190-1
SUSE-SU-2025:20192-1
SUSE-SU-2025:20260-1
SUSE-SU-2025:20270-1
SUSE-SU-2025_01951-1
SUSE-SU-2025_01967-1
SUSE-SU-2025_1177-1
SUSE-SU-2025_1178-1
SUSE-SU-2025_1180-1
SUSE-SU-2025_1293-1
USN-7379-1
USN-7379-2
USN-7380-1
USN-7381-1
USN-7382-1
USN-7387-1
USN-7387-2
USN-7387-3
USN-7388-1
USN-7389-1
USN-7390-1
USN-7391-1
USN-7392-1
USN-7392-2
USN-7392-3
USN-7392-4
USN-7393-1
USN-7401-1
USN-7407-1
USN-7413-1
USN-7421-1
USN-7458-1
USN-7459-1
USN-7459-2
USN-7463-1
USN-7513-1
USN-7513-2
USN-7513-3
USN-7513-4
USN-7513-5
USN-7514-1
USN-7515-1
USN-7515-2
USN-7522-1
USN-7523-1
USN-7524-1
USN-7539-1
USN-7540-1

Affected Products

Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu