Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

CVE-2024-41001

Disclosure Date: July 12, 2024 •

CVE-2024-41001 CVSS v3 Base Score: 5.5

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

In the Linux kernel, the following vulnerability has been resolved:

io_uring/sqpoll: work around a potential audit memory leak

kmemleak complains that there’s a memory leak related to connect
handling:

unreferenced object 0xffff0001093bdf00 (size 128):
comm “iou-sqp-455”, pid 457, jiffies 4294894164
hex dump (first 32 bytes):
02 00 fa ea 7f 00 00 01 00 00 00 00 00 00 00 00 …………….
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 …………….
backtrace (crc 2e481b1a):
[<00000000c0a26af4>] kmemleak_alloc+0x30/0x38
[<000000009c30bb45>] kmalloc_trace+0x228/0x358
[<000000009da9d39f>] __audit_sockaddr+0xd0/0x138
[<0000000089a93e34>] move_addr_to_kernel+0x1a0/0x1f8
[<000000000b4e80e6>] io_connect_prep+0x1ec/0x2d4
[<00000000abfbcd99>] io_submit_sqes+0x588/0x1e48
[<00000000e7c25e07>] io_sq_thread+0x8a4/0x10e4
[<00000000d999b491>] ret_from_fork+0x10/0x20

which can can happen if:

The command type does something on the prep side that triggers an
audit call.
The thread hasn’t done any operations before this that triggered
an audit call inside –>issue(), where we have audit_uring_entry()
and audit_uring_exit().

Work around this by issuing a blanket NOP operation before the SQPOLL
does anything.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

5.5 Medium

Impact Score:

3.6

Exploitability Score:

1.8

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector (AV):

Local

Attack Complexity (AC):

Low

Privileges Required (PR):

Low

User Interaction (UI):

None

Scope (S):

Unchanged

Confidentiality (C):

None

Integrity (I):

None

Availability (A):

High

Vendors

linux

Products

linux kernel

References

Canonical

CVE-2024-41001 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41001)

Miscellaneous

https://git.kernel.org/stable/c/55c22375cbaa24f77dd13f9ae0642915444a1227

https://git.kernel.org/stable/c/9e810bd995823786ea30543e480e8a573e5e5667

https://git.kernel.org/stable/c/a40e90d9304629002fb17200f7779823a81191d3

https://git.kernel.org/stable/c/c4ce0ab27646f4206a9eb502d6fe45cb080e1cae

Rapid7

Unknown

CVE-2024-41001

Unknown

Unknown

None

Low

Local

CVE-2024-41001

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Unknown

CVE-2024-41001

Unknown

Unknown

None

Low

Local

CVE-2024-41001

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Quick Cookie Notification