medium
5.5
Advisory Published
Updated

CVE-2024-53049: slub/kunit: fix a WARNING due to unwrapped __kmalloc_cache_noprof

First published: Tue Nov 19 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: slub/kunit: fix a WARNING due to unwrapped __kmalloc_cache_noprof 'modprobe slub_kunit' will have a warning as shown below. The root cause is that __kmalloc_cache_noprof was directly used, which resulted in no alloc_tag being allocated. This caused current->alloc_tag to be null, leading to a warning in alloc_tag_add_check. Let's add an alloc_hook layer to __kmalloc_cache_noprof specifically within lib/slub_kunit.c, which is the only user of this internal slub function outside kmalloc implementation itself. [58162.947016] WARNING: CPU: 2 PID: 6210 at ./include/linux/alloc_tag.h:125 alloc_tagging_slab_alloc_hook+0x268/0x27c [58162.957721] Call trace: [58162.957919] alloc_tagging_slab_alloc_hook+0x268/0x27c [58162.958286] __kmalloc_cache_noprof+0x14c/0x344 [58162.958615] test_kmalloc_redzone_access+0x50/0x10c [slub_kunit] [58162.959045] kunit_try_run_case+0x74/0x184 [kunit] [58162.959401] kunit_generic_run_threadfn_adapter+0x2c/0x4c [kunit] [58162.959841] kthread+0x10c/0x118 [58162.960093] ret_from_fork+0x10/0x20 [58162.960363] ---[ end trace 0000000000000000 ]---

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected SoftwareAffected VersionHow to fix
Linux Kernel>=6.11<6.11.7
Linux Kernel=6.12-rc1
Linux Kernel=6.12-rc2
Linux Kernel=6.12-rc3
Linux Kernel=6.12-rc4
Linux Kernel=6.12-rc5

Remedy

https://git.kernel.org/stable/c/2b059d0d1e624adc6e69a754bc48057f8bf459dc

Remedy

https://git.kernel.org/stable/c/79aea7dfd98fbbf282d1408fc21849fc9a677768

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-53049?

    CVE-2024-53049 is considered to be of low severity as it mainly triggers warnings related to memory allocation issues.

  • How do I fix CVE-2024-53049?

    To fix CVE-2024-53049, update your Linux kernel to version 6.12 or later.

  • What software versions are affected by CVE-2024-53049?

    CVE-2024-53049 affects the Linux kernel versions from 6.11 to 6.12-rc5.

  • Can CVE-2024-53049 lead to security breaches?

    CVE-2024-53049 does not directly result in security breaches, as it primarily produces warnings during module loading.

  • What changes were made to address CVE-2024-53049?

    The root cause of CVE-2024-53049 was addressed by fixing the improper use of the __kmalloc_cache_noprof function in the kernel.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203