CVE-2024-26993: fs: sysfs: Fix reference leak in sysfs_break_active_protection()
Published May 1, 2024
·Updated
fs: sysfs: Fix reference leak in sysfsbreakactiveprotection()
Affected Software
28 affected componentsFixes available
Linux Linux kernel>=3.16.62<3.17
Linux Linux kernel>=3.18.121<3.19
Linux Linux kernel>=4.4.154<4.5
Linux Linux kernel>=4.9.125<4.10
Linux Linux kernel>=4.14.68<4.15
Linux Linux kernel>=4.18.6<4.19
Linux Linux kernel>=4.19<5.15.157
Linux Linux kernel>=5.16<6.1.88
Linux Linux kernel>=6.2<6.6.29
Linux Linux kernel>=6.7<6.8.8
Linux Linux kernel=6.9-rc1
Linux Linux kernel=6.9-rc2
Linux Linux kernel=6.9-rc3
Linux Linux kernel=6.9-rc4
IBM Security Verify Governance<=ISVG 10.0.2
IBM Security Verify Governance, Identity Manager Software Stack<=ISVG 10.0.2
IBM Security Verify Governance, Identity Manager Virtual Appliance<=ISVG 10.0.2
IBM Security Verify Governance Identity Manager Container<=ISVG 10.0.2
debian/linux
5.10.223-15.10.234-16.1.129-16.1.135-16.12.22-16.12.25-1
redhat/kernel<5.15.157
5.15.157
redhat/kernel<6.1.88
6.1.88
redhat/kernel<6.6.29
6.6.29
redhat/kernel<6.8.8
6.8.8
redhat/kernel<6.9
6.9
Microsoft azl3 hyperv-daemons 6.6.22.1-2
Microsoft cbl2 hyperv-daemons 5.15.158.1-1
Microsoft cbl2 hyperv-daemons 5.15.153.1-1
Microsoft azl3 hyperv-daemons 6.6.35.1-1
Remediation
Event History
May 1, 2024
CVE Published
via MITRE·05:28 AM
Data Sourced
via MITRE·05:28 AM
Description
Data Sourced
via NVD·06:15 AM
RemedyDescriptionSeverityAffected Software
Data Sourced
via Red Hat·07:08 PM
DescriptionSeverityAffected Software
May 13, 2024
Data Sourced
via Microsoft·07:00 AM
DescriptionSeverityWeakness
Data Sourced
via Microsoft·07:00 AM
Affected Software
Updated
via Microsoft·07:00 AM
Description
Updated
via Microsoft·07:00 AM
DescriptionSeverity
Jul 11, 2024
Data Sourced
via Launchpad·07:45 PM
Description
Apr 27, 2025
Data Sourced
via Ubuntu·12:16 AM
RemedyDescriptionSeverityAffected Software
Frequently Asked Questions
1
What is the severity of CVE-2024-26993?
CVE-2024-26993 is categorized as a medium severity vulnerability in the Linux kernel.
2
How do I fix CVE-2024-26993?
To fix CVE-2024-26993, update the Linux kernel to version 5.15.157, 6.1.88, 6.6.29, 6.8.8, or newer.
3
Which Linux kernel versions are affected by CVE-2024-26993?
CVE-2024-26993 affects various versions of the Linux kernel, specifically versions prior to 5.15.157, 6.1.88, 6.6.29, and 6.8.8.
4
What components are impacted by CVE-2024-26993?
CVE-2024-26993 impacts the sysfs component of the Linux kernel.
5
Is CVE-2024-26993 common in previous kernels?
Yes, CVE-2024-26993 may be common in kernel versions from 3.16.62 to onwards but below the specified patched versions.