CVE-2024-50068: mm/damon/tests/sysfs-kunit.h: fix memory leak in damon_sysfs_test_add_targets()
First published: Tue Oct 29 2024(Updated: )
In the Linux kernel, the following vulnerability has been resolved: mm/damon/tests/sysfs-kunit.h: fix memory leak in damon_sysfs_test_add_targets() The sysfs_target->regions allocated in damon_sysfs_regions_alloc() is not freed in damon_sysfs_test_add_targets(), which cause the following memory leak, free it to fix it. unreferenced object 0xffffff80c2a8db80 (size 96): comm "kunit_try_catch", pid 187, jiffies 4294894363 hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace (crc 0): [<0000000001e3714d>] kmemleak_alloc+0x34/0x40 [<000000008e6835c1>] __kmalloc_cache_noprof+0x26c/0x2f4 [<000000001286d9f8>] damon_sysfs_test_add_targets+0x1cc/0x738 [<0000000032ef8f77>] kunit_try_run_case+0x13c/0x3ac [<00000000f3edea23>] kunit_generic_run_threadfn_adapter+0x80/0xec [<00000000adf936cf>] kthread+0x2e8/0x374 [<0000000041bb1628>] ret_from_fork+0x10/0x20
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Kernel | >=6.7<6.11.5 | |
| Linux Kernel | =6.12-rc1 | |
| Linux Kernel | =6.12-rc2 | |
| Linux Kernel | =6.12-rc3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-50068?
The severity of CVE-2024-50068 is categorized as a medium risk due to the memory leak in the Linux kernel.
How do I fix CVE-2024-50068?
To fix CVE-2024-50068, upgrade your Linux kernel to version 6.11.5 or later.
Which versions of the Linux kernel are affected by CVE-2024-50068?
CVE-2024-50068 affects versions of the Linux kernel from 6.7 up to 6.11.5, as well as 6.12-rc1, 6.12-rc2, and 6.12-rc3.
What components are involved in CVE-2024-50068?
CVE-2024-50068 involves the damon_sysfs_test_add_targets function in the Linux kernel.
Is there a proof of concept for CVE-2024-50068?
As of now, there is no public proof of concept specifically mentioned for CVE-2024-50068.
- agent/title
- agent/references
- agent/type
- agent/first-publish-date
- agent/description
- agent/author
- agent/event
- agent/weakness
- agent/severity
- agent/remedy
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/linux
- canonical/linux kernel
- version/linux kernel/6.7
- version/linux kernel/6.12-rc1
- version/linux kernel/6.12-rc2
- version/linux kernel/6.12-rc3