CVE-2024-50068

MEDIUM

Linux Kernel 6.7-6.11.5 - Use-After-Free in DAMON Sysfs Target Regions

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: mm/damon/tests/sysfs-kunit.h: fix memory leak in damon_sysfs_test_add_targets() The sysfs_target->regions allocated in damon_sysfs_regions_alloc() is not freed in damon_sysfs_test_add_targets(), which cause the following memory leak, free it to fix it. unreferenced object 0xffffff80c2a8db80 (size 96): comm "kunit_try_catch", pid 187, jiffies 4294894363 hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace (crc 0): [<0000000001e3714d>] kmemleak_alloc+0x34/0x40 [<000000008e6835c1>] __kmalloc_cache_noprof+0x26c/0x2f4 [<000000001286d9f8>] damon_sysfs_test_add_targets+0x1cc/0x738 [<0000000032ef8f77>] kunit_try_run_case+0x13c/0x3ac [<00000000f3edea23>] kunit_generic_run_threadfn_adapter+0x80/0xec [<00000000adf936cf>] kthread+0x2e8/0x374 [<0000000041bb1628>] ret_from_fork+0x10/0x20

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/05d43455f6bffa6abc7b937ca58be00452e6973f

Patch

https://git.kernel.org/stable/c/2d6a1c835685de3b0c8e8dc871f60f4ef92ab01a

Scores

CVSS v3 5.5

EPSS 0.0018

EPSS Percentile 7.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-401

Status published

Products (9)

linux/Kernel 6.7.0 - 6.11.5linux

Linux/Linux < 6.7

Linux/Linux 6.11.5 - 6.11.*

Linux/Linux 6.12

Linux/Linux 6.7

Linux/Linux b8ee5575f763c239902f8523d82103a45c153b29 - 05d43455f6bffa6abc7b937ca58be00452e6973f

Linux/Linux b8ee5575f763c239902f8523d82103a45c153b29 - 2d6a1c835685de3b0c8e8dc871f60f4ef92ab01a

linux/linux_kernel 6.12 rc1 (3 CPE variants)

linux/linux_kernel 6.7 - 6.11.5

Published Oct 29, 2024

Tracked Since Feb 18, 2026