CVE-2024-47677

Published: Oct 21, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: exfat: resolve memory leak from exfat_create_upcase_table() If exfat_load_upcase_table reaches end and returns -EINVAL, allocated memory doesn't get freed and while exfat_load_default_upcase_table allocates more memory, leading to a memory leak. Here's link to syzkaller crash report illustrating this issue: https://syzkaller.appspot.com/text?tag=CrashReport&x=1406c201980000

Vendor	Product	Versions
Linux	Linux	affected `a13d1a4de3b0fe3c41d818697d691c886c5585fa - < f9835aec49670c46ebe2973032caaa1043b3d4da` affected `a13d1a4de3b0fe3c41d818697d691c886c5585fa - < 331ed2c739ce656a67865f6b3ee0a478349d78cb` affected `a13d1a4de3b0fe3c41d818697d691c886c5585fa - < c290fe508eee36df1640c3cb35dc8f89e073c8a8`
Linux	Linux	affected `6.8` unaffected `0 - < 6.8` unaffected `6.10.13 - <= 6.10.` unaffected `6.11.2 - <= 6.11.` unaffected `6.12 - <= *`

References

https://git.kernel.org/stable/c/f9835aec49670c46ebe2973032caaa1043b3d4da

https://git.kernel.org/stable/c/331ed2c739ce656a67865f6b3ee0a478349d78cb

https://git.kernel.org/stable/c/c290fe508eee36df1640c3cb35dc8f89e073c8a8

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-47677

Description

Affected Products

References