CVE-2024-26840
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
17/04/2024
Last modified:
07/01/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
cachefiles: fix memory leak in cachefiles_add_cache()<br />
<br />
The following memory leak was reported after unbinding /dev/cachefiles:<br />
<br />
==================================================================<br />
unreferenced object 0xffff9b674176e3c0 (size 192):<br />
comm "cachefilesd2", pid 680, jiffies 4294881224<br />
hex dump (first 32 bytes):<br />
01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................<br />
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................<br />
backtrace (crc ea38a44b):<br />
[] kmem_cache_alloc+0x2d5/0x370<br />
[] prepare_creds+0x26/0x2e0<br />
[] cachefiles_determine_cache_security+0x1f/0x120<br />
[] cachefiles_add_cache+0x13c/0x3a0<br />
[] cachefiles_daemon_write+0x146/0x1c0<br />
[] vfs_write+0xcb/0x520<br />
[] ksys_write+0x69/0xf0<br />
[] do_syscall_64+0x72/0x140<br />
[] entry_SYSCALL_64_after_hwframe+0x6e/0x76<br />
==================================================================<br />
<br />
Put the reference count of cache_cred in cachefiles_daemon_unbind() to<br />
fix the problem. And also put cache_cred in cachefiles_add_cache() error<br />
branch to avoid memory leaks.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 2.6.30 (including) | 4.19.309 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.20 (including) | 5.4.271 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5 (including) | 5.10.212 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.151 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.1.80 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.19 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.7.7 (excluding) |
| cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.8:rc5:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/037d5a949b0455540ef9aab34c10ddf54b65d285
- https://git.kernel.org/stable/c/38e921616320d159336b0ffadb09e9fb4945c7c3
- https://git.kernel.org/stable/c/43eccc5823732ba6daab2511ed32dfc545a666d8
- https://git.kernel.org/stable/c/8b218e2f0a27a9f09428b1847b4580640b9d1e58
- https://git.kernel.org/stable/c/94965be37add0983672e48ecb33cdbda92b62579
- https://git.kernel.org/stable/c/9cac69912052a4def571fedf1cb9bb4ec590e25a
- https://git.kernel.org/stable/c/cb5466783793e66272624cf71925ae1d1ba32083
- https://git.kernel.org/stable/c/e21a2f17566cbd64926fb8f16323972f7a064444
- https://git.kernel.org/stable/c/037d5a949b0455540ef9aab34c10ddf54b65d285
- https://git.kernel.org/stable/c/38e921616320d159336b0ffadb09e9fb4945c7c3
- https://git.kernel.org/stable/c/43eccc5823732ba6daab2511ed32dfc545a666d8
- https://git.kernel.org/stable/c/8b218e2f0a27a9f09428b1847b4580640b9d1e58
- https://git.kernel.org/stable/c/94965be37add0983672e48ecb33cdbda92b62579
- https://git.kernel.org/stable/c/9cac69912052a4def571fedf1cb9bb4ec590e25a
- https://git.kernel.org/stable/c/cb5466783793e66272624cf71925ae1d1ba32083
- https://git.kernel.org/stable/c/e21a2f17566cbd64926fb8f16323972f7a064444
- https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html