CVE-2024-50264

Description

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans During loopback communication, a dangling pointer can be created in vsk->trans, potentially leading to a Use-After-Free condition. This issue is resolved by initializing vsk->trans to NULL.

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

References

• https://access.redhat.com/errata/RHSA-2025:2627
• https://errata.rockylinux.org/RLSA-2024:10944
• https://errata.rockylinux.org/RLSA-2024:10943
• https://www.suse.com/security/cve/CVE-2024-50264.html
• https://security-tracker.debian.org/tracker/CVE-2024-50264
• https://bugzilla.redhat.com/2268295
• https://bugzilla.redhat.com/2327168
• https://bugzilla.redhat.com/2327169
• https://bugzilla.redhat.com/2329370
• https://bugzilla.redhat.com/2329924
• https://bugzilla.redhat.com/2334412
• https://errata.almalinux.org/9/ALSA-2025-2627.html
• https://access.redhat.com/errata/RHSA-2024:10943
• https://bugzilla.redhat.com/2312083
• https://bugzilla.redhat.com/2320505
• https://bugzilla.redhat.com/2322308
• https://bugzilla.redhat.com/2323904
• https://bugzilla.redhat.com/2323930
• https://bugzilla.redhat.com/2324315
• https://bugzilla.redhat.com/2324612
• https://bugzilla.redhat.com/2324889
• https://errata.almalinux.org/8/ALSA-2024-10943.html
• https://access.redhat.com/errata/RHSA-2024:10944
• https://errata.almalinux.org/8/ALSA-2024-10944.html

💬 Discuss CVE-2024-50264 on VIR Community →

Community-verified mitigations for this CVE will appear above when contributors publish them.