CVE-2024-41001

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 12/07/2024
Last modified: 03/11/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

io_uring/sqpoll: work around a potential audit memory leak

kmemleak complains that there's a memory leak related to connect
handling:

    unreferenced object 0xffff0001093bdf00 (size 128):
      comm "iou-sqp-455", pid 457, jiffies 4294894164
      hex dump (first 32 bytes):
        02 00 fa ea 7f 00 00 01 00 00 00 00 00 00 00 00 ................
        00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
      backtrace (crc 2e481b1a):
        [] kmemleak_alloc+0x30/0x38
        [] kmalloc_trace+0x228/0x358
        [] __audit_sockaddr+0xd0/0x138
        [] move_addr_to_kernel+0x1a0/0x1f8
        [] io_connect_prep+0x1ec/0x2d4
        [] io_submit_sqes+0x588/0x1e48
        [] io_sq_thread+0x8a4/0x10e4
        [] ret_from_fork+0x10/0x20

which can happen if:

1) The command type does something on the prep side that triggers an
   audit call.
2) The thread hasn't done any operations before this that triggered
   an audit call inside ->issue(), where we have audit_uring_entry()
   and audit_uring_exit().

Work around this by issuing a blanket NOP operation before the SQPOLL
does anything.
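A triage sketch for the kmemleak report quoted above, added here as an example and not taken from the kernel patch or from this advisory: it parses kmemleak output and flags records allocated through __audit_sockaddr on an SQPOLL thread's submission path, for any prep handler rather than only connect. The second sample record, including its address, comm and the function name example_driver_probe, is constructed.

```python
import re

# Constructed sample in /sys/kernel/debug/kmemleak format: record 1 mirrors the report
# in the description; record 2 (address, comm, example_driver_probe) is made up.
SAMPLE = """\
unreferenced object 0xffff0001093bdf00 (size 128):
  comm "iou-sqp-455", pid 457, jiffies 4294894164
  hex dump (first 32 bytes):
    02 00 fa ea 7f 00 00 01 00 00 00 00 00 00 00 00  ................
  backtrace (crc 2e481b1a):
    [] kmemleak_alloc+0x30/0x38
    [] kmalloc_trace+0x228/0x358
    [] __audit_sockaddr+0xd0/0x138
    [] move_addr_to_kernel+0x1a0/0x1f8
    [] io_connect_prep+0x1ec/0x2d4
    [] io_submit_sqes+0x588/0x1e48
    [] io_sq_thread+0x8a4/0x10e4
    [] ret_from_fork+0x10/0x20
unreferenced object 0xffff000100000000 (size 64):
  comm "modprobe", pid 101, jiffies 4294890000
  backtrace (crc 00000000):
    [] kmemleak_alloc+0x30/0x38
    [] example_driver_probe+0x10/0x40
"""

HEADER = re.compile(r"^unreferenced object (0x[0-9a-f]+) \(size (\d+)\):")
COMM = re.compile(r'comm "([^"]+)", pid (\d+)')
FRAME = re.compile(r"^\s*(?:\[[^\]]*\]\s+)?([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")

def parse_kmemleak(text):
    records = []
    for line in text.splitlines():
        if (m := HEADER.match(line)):
            records.append({"addr": m.group(1), "size": int(m.group(2)), "comm": "", "frames": []})
        elif records and (m := COMM.search(line)):
            records[-1]["comm"] = m.group(1)
        elif records and (m := FRAME.match(line)):  # hex dump lines do not match
            records[-1]["frames"].append(m.group(1))
    return records

def is_sqpoll_audit_leak(rec):  # SQPOLL thread reaching __audit_sockaddr while submitting SQEs
    f = rec["frames"]
    if not rec["comm"].startswith("iou-sqp-") or "__audit_sockaddr" not in f:
        return False
    callers = f[f.index("__audit_sockaddr"):]
    return "io_submit_sqes" in callers and "io_sq_thread" in callers

def triage(text):
    return [r["addr"] for r in parse_kmemleak(text) if is_sqpoll_audit_leak(r)]
```

A match only says the leak signature was observed on that system; whether a given kernel carries the fix still has to be checked against the version ranges listed on this page or the vendor's backport status.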

Vulnerable products and versions

CPE                                             From               Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*                       6.1.96 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*    6.2 (including)    6.6.36 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*    6.7 (including)    6.9.7 (excluding)