CVE-2024-50133
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Published Nov 5, 2024
Updated: Nov 7, 2024
CWE ID 476
Summary
CVE-2024-50133: A vulnerability has been identified in the Linux kernel that can cause tasks without a vDSO (virtual dynamic shared object) to crash when calling the stack_top() function. This issue is particularly relevant to kthreads, which never have a vDSO mapped. The crash is caused by a NULL vdso pointer dereference, which can happen during the initialization of certain tests using the KUnit framework. The vulnerability can be exploited to cause a denial of service (DoS) by triggering the crash on affected systems.
Affected Products
- Linux Kernel
Affected Vendors
- LINUX