Unrated severityOSV Advisory· Published Jan 3, 2024· Updated Nov 21, 2025
Packagekitd: use-after-free in idle function callback
CVE-2024-0217
Description
A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory region can be reused for other allocations and any previously stored data in this memory region is considered lost.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
103- Range: PACKAGEKIT_0_1_0, PACKAGEKIT_0_1_1, PACKAGEKIT_0_1_2, …
- osv-coords102 versionspkg:rpm/opensuse/PackageKit&distro=openSUSE%20Leap%2015.5pkg:rpm/suse/libyui&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/libyui&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/libyui&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/libyui&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/libyui&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/libyui&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/libyui&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/libyui-ncurses&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/libyui-ncurses&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/libyui-ncurses&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/libyui-ncurses&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/libyui-ncurses-pkg&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/libyui-ncurses-pkg&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/libyui-ncurses-pkg&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/libyui-ncurses-pkg&distro=SUSE%20Linux%20Enterprise%20Installer%20Updates%2015%20SP2pkg:rpm/suse/libyui-ncurses-pkg&distro=SUSE%20Linux%20Enterprise%20Installer%20Updates%2015%20SP3pkg:rpm/suse/libyui-ncurses-pkg&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/libyui-ncurses-pkg&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/libyui-ncurses-pkg&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/libyui-ncurses-pkg&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/libyui-ncurses-rest-api&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/libyui-ncurses-rest-api&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/libyui-ncurses-rest-api&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/libyui-ncurses-rest-api&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/libyui-qt&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/libyui-qt&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/libyui-qt&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/libyui-qt&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/libyui-qt-graph&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/libyui-qt-graph&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/libyui-qt-graph&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/libyui-qt-graph&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/libyui-qt-pkg&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/libyui-qt-pkg&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/libyui-qt-pkg&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/libyui-qt-pkg&distro=SUSE%20Linux%20Enterprise%20Installer%20Updates%2015%20SP2pkg:rpm/suse/libyui-qt-pkg&distro=SUSE%20Linux%20Enterprise%20Installer%20Updates%2015%20SP3pkg:rpm/suse/libyui-qt-pkg&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/libyui-qt-pkg&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/libyui-qt-pkg&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/libyui-qt-pkg&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/libyui-qt-rest-api&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/libyui-qt-rest-api&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/libyui-qt-rest-api&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/libyui-qt-rest-api&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/libyui-rest-api&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/libyui-rest-api&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/libyui-rest-api&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/libyui-rest-api&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/libyui-rest-api&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/libyui-rest-api&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/libyui-rest-api&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/libzypp&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/libzypp&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/libzypp&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/libzypp&distro=SUSE%20Linux%20Enterprise%20Installer%20Updates%2015%20SP2pkg:rpm/suse/libzypp&distro=SUSE%20Linux%20Enterprise%20Installer%20Updates%2015%20SP3pkg:rpm/suse/libzypp&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/libzypp&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/libzypp&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/libzypp&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/libzypp&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/libzypp&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/PackageKit-branding-SLE&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/PackageKit-branding-SLE&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/PackageKit-branding-SLE&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/PackageKit-branding-SLE&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/PackageKit-branding-SLE&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/PackageKit-branding-SLE&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/PackageKit-branding-SLE&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/PackageKit&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/PackageKit&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/PackageKit&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/PackageKit&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP5pkg:rpm/suse/PackageKit&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/PackageKit&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/PackageKit&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/PackageKit&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/PackageKit&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/PackageKit&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/PackageKit&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/PackageKit&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5pkg:rpm/suse/PackageKit&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP5pkg:rpm/suse/yast2-pkg-bindings&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/yast2-pkg-bindings&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/yast2-pkg-bindings&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/yast2-pkg-bindings&distro=SUSE%20Linux%20Enterprise%20Installer%20Updates%2015%20SP2pkg:rpm/suse/yast2-pkg-bindings&distro=SUSE%20Linux%20Enterprise%20Installer%20Updates%2015%20SP3pkg:rpm/suse/yast2-pkg-bindings&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/yast2-pkg-bindings&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/yast2-pkg-bindings&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/yast2-pkg-bindings&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/zypper&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/zypper&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/zypper&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/zypper&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/zypper&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/zypper&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/zypper&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/zypper&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/zypper&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3
< 1.2.4-150400.3.13.1+ 101 more
- (no CPE)range: < 1.2.4-150400.3.13.1
- (no CPE)range: < 4.1.5-150300.3.10.5
- (no CPE)range: < 3.9.3-150200.3.2.6
- (no CPE)range: < 4.1.5-150300.3.10.5
- (no CPE)range: < 3.9.3-150200.3.2.6
- (no CPE)range: < 4.1.5-150300.3.10.5
- (no CPE)range: < 3.9.3-150200.3.2.6
- (no CPE)range: < 4.1.5-150300.3.10.5
- (no CPE)range: < 4.1.5-150300.3.10.5
- (no CPE)range: < 4.1.5-150300.3.10.5
- (no CPE)range: < 4.1.5-150300.3.10.5
- (no CPE)range: < 4.1.5-150300.3.10.5
- (no CPE)range: < 4.1.5-150300.3.10.19
- (no CPE)range: < 2.50.8-150200.3.5.5
- (no CPE)range: < 4.1.5-150300.3.10.19
- (no CPE)range: < 2.50.8-150200.3.5.5
- (no CPE)range: < 4.1.5-150300.3.10.19
- (no CPE)range: < 2.50.8-150200.3.5.5
- (no CPE)range: < 4.1.5-150300.3.10.19
- (no CPE)range: < 2.50.8-150200.3.5.5
- (no CPE)range: < 4.1.5-150300.3.10.19
- (no CPE)range: < 4.1.5-150300.3.10.5
- (no CPE)range: < 4.1.5-150300.3.10.5
- (no CPE)range: < 4.1.5-150300.3.10.5
- (no CPE)range: < 4.1.5-150300.3.10.5
- (no CPE)range: < 4.1.5-150300.3.10.5
- (no CPE)range: < 4.1.5-150300.3.10.5
- (no CPE)range: < 4.1.5-150300.3.10.5
- (no CPE)range: < 4.1.5-150300.3.10.5
- (no CPE)range: < 4.1.5-150300.3.10.5
- (no CPE)range: < 4.1.5-150300.3.10.5
- (no CPE)range: < 4.1.5-150300.3.10.5
- (no CPE)range: < 4.1.5-150300.3.10.5
- (no CPE)range: < 4.1.5-150300.3.10.17
- (no CPE)range: < 2.47.5-150200.3.4.4
- (no CPE)range: < 4.1.5-150300.3.10.17
- (no CPE)range: < 2.47.5-150200.3.4.4
- (no CPE)range: < 4.1.5-150300.3.10.17
- (no CPE)range: < 2.47.5-150200.3.4.4
- (no CPE)range: < 4.1.5-150300.3.10.17
- (no CPE)range: < 2.47.5-150200.3.4.4
- (no CPE)range: < 4.1.5-150300.3.10.17
- (no CPE)range: < 4.1.5-150300.3.10.5
- (no CPE)range: < 4.1.5-150300.3.10.5
- (no CPE)range: < 4.1.5-150300.3.10.5
- (no CPE)range: < 4.1.5-150300.3.10.5
- (no CPE)range: < 4.1.5-150300.3.10.5
- (no CPE)range: < 0.3.0-150200.3.2.2
- (no CPE)range: < 4.1.5-150300.3.10.5
- (no CPE)range: < 0.3.0-150200.3.2.2
- (no CPE)range: < 4.1.5-150300.3.10.5
- (no CPE)range: < 0.3.0-150200.3.2.2
- (no CPE)range: < 4.1.5-150300.3.10.5
- (no CPE)range: < 17.32.2-150200.92.3
- (no CPE)range: < 17.32.2-150200.92.3
- (no CPE)range: < 17.32.2-150200.92.3
- (no CPE)range: < 17.32.2-150200.92.3
- (no CPE)range: < 17.32.2-150200.92.3
- (no CPE)range: < 17.32.2-150200.92.3
- (no CPE)range: < 17.32.2-150200.92.3
- (no CPE)range: < 17.32.2-150200.92.3
- (no CPE)range: < 17.32.2-150200.92.3
- (no CPE)range: < 17.32.2-150200.92.3
- (no CPE)range: < 17.32.2-150200.92.3
- (no CPE)range: < 12.0-150200.9.2.2
- (no CPE)range: < 12.0-150200.9.2.2
- (no CPE)range: < 12.0-150200.9.2.2
- (no CPE)range: < 12.0-150200.9.2.2
- (no CPE)range: < 12.0-150200.9.2.2
- (no CPE)range: < 12.0-150200.9.2.2
- (no CPE)range: < 12.0-150200.9.2.2
- (no CPE)range: < 1.1.13-150200.4.30.4
- (no CPE)range: < 1.1.13-150200.4.30.4
- (no CPE)range: < 1.1.13-150200.4.30.4
- (no CPE)range: < 1.2.4-150400.3.13.1
- (no CPE)range: < 1.1.3-24.18.1
- (no CPE)range: < 1.1.13-150200.4.30.4
- (no CPE)range: < 1.1.13-150200.4.30.4
- (no CPE)range: < 1.1.3-24.18.1
- (no CPE)range: < 1.1.13-150200.4.30.4
- (no CPE)range: < 1.1.13-150200.4.30.4
- (no CPE)range: < 1.1.3-24.18.1
- (no CPE)range: < 1.1.3-24.18.1
- (no CPE)range: < 1.2.4-150400.3.13.1
- (no CPE)range: < 4.3.13-150300.3.8.21
- (no CPE)range: < 4.2.17-150200.3.24.6
- (no CPE)range: < 4.3.13-150300.3.8.21
- (no CPE)range: < 4.2.17-150200.3.24.6
- (no CPE)range: < 4.3.13-150300.3.8.21
- (no CPE)range: < 4.2.17-150200.3.24.6
- (no CPE)range: < 4.3.13-150300.3.8.21
- (no CPE)range: < 4.2.17-150200.3.24.6
- (no CPE)range: < 4.3.13-150300.3.8.21
- (no CPE)range: < 1.14.69-150200.73.7
- (no CPE)range: < 1.14.69-150200.73.7
- (no CPE)range: < 1.14.69-150200.73.7
- (no CPE)range: < 1.14.69-150200.73.7
- (no CPE)range: < 1.14.69-150200.73.7
- (no CPE)range: < 1.14.69-150200.73.7
- (no CPE)range: < 1.14.69-150200.73.7
- (no CPE)range: < 1.14.69-150200.73.7
- (no CPE)range: < 1.14.69-150200.73.7
Patches
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
3- access.redhat.com/security/cve/CVE-2024-0217mitrevdb-entryx_refsource_REDHAT
- bugzilla.redhat.com/show_bug.cgimitreissue-trackingx_refsource_REDHAT
- github.com/PackageKit/PackageKit/commit/64278c9127e3333342b56ead99556161f7e86f79mitre
News mentions
0No linked articles in our index yet.