PT-2025-3649 · Linux+6 · Linux Kernel+6
Dmitry Safonov · Published 2024-12-19 · Updated 2026-05-26 · CVE-2024-57924
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to v6.6
Description
The issue is related to the encoding of file handles in the Linux kernel. The encode_fh() method may fail for various reasons, and some users of exportfs_encode_{fh,fid}() have a WARN_ON() assertion when this failure occurs. However, this assertion is incorrect and has been relaxed. The legacy users of exportfs_encode_fh(), such as nfsd and the name_to_handle_at(2) syscall, are prepared to handle the possibility of failure to encode a file handle.
Recommendations
For Linux kernel versions prior to v6.6, apply the patch that relaxes the assertions on failure to encode file handles. As a temporary workaround, consider disabling the exportfs_encode_{fh,fid}() functions until the patch is applied. Restrict access to the vulnerable encode_fh() method to minimize the risk of exploitation. Avoid using the encode_fh() method in sensitive operations until the issue is resolved.
Exploit
Fix
DoS
Assertion Failure
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu