CVE-2024-41025

MEDIUM

Linux Kernel - Memory Leak

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix memory leak in audio daemon attach operation Audio PD daemon send the name as part of the init IOCTL call. This name needs to be copied to kernel for which memory is allocated. This memory is never freed which might result in memory leak. Free the memory when it is not needed.

References (3)

[Patch] https://git.kernel.org/stable/c/8b8b82dcf393ceaca8c88939338fd4c30b5b11b2

[Patch] https://git.kernel.org/stable/c/ad0bd973a033003ca578c42a760d1dc77aeea15e

[Patch] https://git.kernel.org/stable/c/dbf4c31c9b039fd9734da156036492a2a7f78f64

Scores

CVSS v3 5.5

EPSS 0.0002

EPSS Percentile 4.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-401

Status published

Affected Products (10)

linux/linux_kernel < 6.6.41

linux/linux_kernel

linux/Kernel < 6.6.41linux

linux/Kernel < 6.9.10linux

Timeline

Published Jul 29, 2024

Tracked Since Feb 18, 2026