SB2024110856 - Reachable assertion in Linux kernel lib
Published: November 8, 2024 Updated: May 12, 2025
Security Bulletin ID
SB2024110856
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Reachable assertion (CVE-ID: CVE-2024-50200)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the mte_node_or_none(), mas_wr_walk(), mas_wr_walk_index() and mas_wr_spanning_store() functions in lib/maple_tree.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/7c7874977da9e47ca0f53d8b9a5b17385fed83f2
- https://git.kernel.org/stable/c/677f1df179cb68c12ddf7707ec325eb50e99c7d9
- https://git.kernel.org/stable/c/982dd0d26d1f015ed34866579480d2be5250b0ef
- https://git.kernel.org/stable/c/bea07fd63192b61209d48cbb81ef474cc3ee4c62
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.114
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.11.5
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.12
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.58