CVE-2024-53118
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
02/12/2024
Last modified:
01/10/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
vsock: Fix sk_error_queue memory leak<br />
<br />
Kernel queues MSG_ZEROCOPY completion notifications on the error queue.<br />
Where they remain, until explicitly recv()ed. To prevent memory leaks,<br />
clean up the queue when the socket is destroyed.<br />
<br />
unreferenced object 0xffff8881028beb00 (size 224):<br />
comm "vsock_test", pid 1218, jiffies 4294694897<br />
hex dump (first 32 bytes):<br />
90 b0 21 17 81 88 ff ff 90 b0 21 17 81 88 ff ff ..!.......!.....<br />
00 00 00 00 00 00 00 00 00 b0 21 17 81 88 ff ff ..........!.....<br />
backtrace (crc 6c7031ca):<br />
[] kmem_cache_alloc_node_noprof+0x2f7/0x370<br />
[] __alloc_skb+0x132/0x180<br />
[] sock_omalloc+0x4b/0x80<br />
[] msg_zerocopy_realloc+0x9e/0x240<br />
[] virtio_transport_send_pkt_info+0x412/0x4c0<br />
[] virtio_transport_stream_enqueue+0x43/0x50<br />
[] vsock_connectible_sendmsg+0x373/0x450<br />
[] ____sys_sendmsg+0x365/0x3a0<br />
[] ___sys_sendmsg+0x84/0xd0<br />
[] __sys_sendmsg+0x47/0x80<br />
[] do_syscall_64+0x93/0x180<br />
[] entry_SYSCALL_64_after_hwframe+0x76/0x7e
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.11.10 (excluding) |
| cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.12:rc6:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.12:rc7:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page