CVE-2024-41001

CVE Details

Release Date:

2024-07-12

Description

In the Linux kernel, the following vulnerability has been resolved:\nio_uring/sqpoll: work around a potential audit memory leak\nkmemleak complains that there's a memory leak related to connect\nhandling:\nunreferenced object 0xffff0001093bdf00 (size 128):\ncomm 'iou-sqp-455', pid 457, jiffies 4294894164\nhex dump (first 32 bytes):\n02 00 fa ea 7f 00 00 01 00 00 00 00 00 00 00 00 ................\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\nbacktrace (crc 2e481b1a):\n[<00000000c0a26af4>] kmemleak_alloc+0x30/0x38\n[<000000009c30bb45>] kmalloc_trace+0x228/0x358\n[<000000009da9d39f>] __audit_sockaddr+0xd0/0x138\n[<0000000089a93e34>] move_addr_to_kernel+0x1a0/0x1f8\n[<000000000b4e80e6>] io_connect_prep+0x1ec/0x2d4\n[<00000000abfbcd99>] io_submit_sqes+0x588/0x1e48\n[<00000000e7c25e07>] io_sq_thread+0x8a4/0x10e4\n[<00000000d999b491>] ret_from_fork+0x10/0x20\nwhich can can happen if:\n1) The command type does something on the prep side that triggers an\naudit call.\n2) The thread hasn't done any operations before this that triggered\nan audit call inside ->issue(), where we have audit_uring_entry()\nand audit_uring_exit().\nWork around this by issuing a blanket NOP operation before the SQPOLL\ndoes anything.

See more information about CVE-2024-41001 from MITRE CVE dictionary and NIST NVD

CVSS Scoring

NOTE: The following CVSS v3.1 metrics and score provided are preliminary and subject to review.

Base Score:	5.1	CVSS Vector:	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L
Attack Vector:	Local network	Attack Complexity:	Low
Privileges Required:	High	User Interaction:	None
Scope:	Unchanged	Confidentiality Impact:	High
Integrity Impact:	None	Availability Impact:	Low

Errata information

Platform	Errata	Release Date
Oracle Linux version 9 (kernel)	ELSA-2024-9315	2024-11-14