What is CVE-2024-14027?

CVE-2024-14027 is a vulnerability in Linux. Published 2026-03-09.

Is CVE-2024-14027 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Linux

CVE-2024-14027

In the Linux kernel, the following vulnerability has been resolved: fs/xattr: missing fdput() in fremovexattr error path In the Linux kernel, the fremovexattr() syscall calls fdget() to acquire a file reference but returns early without…

EPSS: 0.000 (3.1th percentile) — read the EPSS interpretation.

Affected products

Linux — versions c3a5e3e872f3688ae0dc57bb78ca633921d96a91, 6.13, 6.6.51

Public proof-of-concept exploits

lcfr-eth/CVE-2024-14027_slop

References

git.kernel.org/stable/c/9a3a2ae5efbbcaed37551218abed94e23c537157
git.kernel.org/stable/c/d151b94967c8247005435b63fc60f8f4baa320da
git.kernel.org/stable/c/a71874379ec8c6e788a61d71b3ad014a8d9a5c08

Frequently asked questions

What is CVE-2024-14027?: CVE-2024-14027 is a vulnerability in Linux. Published 2026-03-09.
Is CVE-2024-14027 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.