SB2024110867 - Resource management error in Linux kernel nvdimm driver
Published: November 8, 2024 Updated: May 12, 2025
Security Bulletin ID
SB2024110867
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Resource management error (CVE-ID: CVE-2024-50184)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the virtio_pmem_flush() function in drivers/nvdimm/nd_virtio.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/4ce662fe4be6fbc2595d9ef4888b2b6e778c99ed
- https://git.kernel.org/stable/c/9a2bc9b6f929a2ce1ebe4d1a796ddab37568c5b4
- https://git.kernel.org/stable/c/6a5ca0ab94e13a1474bf7ad8437a975c2193618f
- https://git.kernel.org/stable/c/b01793cc63dd39c8f12b9a3d8dc115fbebb19e2a
- https://git.kernel.org/stable/c/ce7a3a62cc533c922072f328fd2ea2fd7cb893d4
- https://git.kernel.org/stable/c/e25fbcd97cf52c3c9824d44b5c56c19673c3dd50
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.227
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.168
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.285
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.113
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.11.4
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.12
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.57