CVE-2024-50076
Published: 29 October 2024
Summary
CVE-2024-50076 is a medium-severity Missing Initialization of Resource (CWE-909) vulnerability in Linux Linux Kernel. Its CVSS base score is 6.5 (Medium).
Operationally, ranked at the 31.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-44749
Vulnerability details
In the Linux kernel, the following vulnerability has been resolved: vt: prevent kernel-infoleak in con_font_get() font.data may not initialize all memory spaces depending on the implementation of vc->vc_sw->con_font_get. This may cause info-leak, so to prevent this, it is safest to…
more
modify it to initialize the allocated memory space to 0, and it generally does not affect the overall performance of the system.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.