Memory Exhaustion Vulnerability in Linux Kernel Affecting File Handling
CVE-2024-14027
What is CVE-2024-14027?
A vulnerability in the Linux kernel's file handling, specifically in the fremovexattr() syscall, can lead to kernel memory exhaustion. The syscall calls fdget() to acquire a file reference; if strncpy_from_user() then fails on the name input, the function returns early without calling fdput(). This oversight is a persistent file reference leak: each unsuccessful call leaves one more reference pinned in memory, so an unprivileged local user can potentially exhaust kernel memory. The vulnerability has been fixed in the Linux kernel by commit a71874379ec8.
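The leak pattern described above, reduced to a userspace C model (an added example, not the kernel's code and not the change made in commit a71874379ec8). The names `model_fdget`, `model_fdput`, `model_copy_name`, `removexattr_leaky`, `removexattr_fixed` and `pinned_after` are hypothetical stand-ins, and a NULL name models a user pointer that makes the copy fail.

```c
#include <errno.h>
#include <stdio.h>
#define XATTR_NAME_MAX 255
static long file_refs = 1;  /* constructed model: refcount of one open file */
static void model_fdget(void) { file_refs++; }
static void model_fdput(void) { file_refs--; }

/* Stand-in for strncpy_from_user(); a NULL source models a faulting pointer. */
static long model_copy_name(char *dst, const char *src, size_t max)
{
    size_t n = 0;
    while (src && n < max && (dst[n] = src[n]) != '\0')
        n++;
    return src ? (long)n : -EFAULT;  /* n == max: no terminator found */
}

/* Leaky shape: the error return skips the release. */
static long removexattr_leaky(const char *uname)
{
    char kname[XATTR_NAME_MAX + 1];
    model_fdget();
    long err = model_copy_name(kname, uname, sizeof(kname));
    if (err <= 0 || err == (long)sizeof(kname))
        return err < 0 ? err : -ERANGE;  /* BUG: no model_fdput() */
    model_fdput();  /* the xattr removal would precede this */
    return 0;
}

/* Hardened shape: the reference is dropped on the error paths too. */
static long removexattr_fixed(const char *uname)
{
    char kname[XATTR_NAME_MAX + 1];
    model_fdget();
    long err = model_copy_name(kname, uname, sizeof(kname));
    model_fdput();  /* on success this would follow the removal */
    return (err == 0 || err == (long)sizeof(kname)) ? -ERANGE : (err < 0 ? err : 0);
}

/* References still pinned after `calls` invocations of fn(name). */
static long pinned_after(long (*fn)(const char *), const char *name, int calls)
{
    for (file_refs = 1; calls > 0; calls--)
        fn(name);
    return file_refs - 1;
}
int main(void)
{
    printf("pinned after 1000 failed calls: leaky=%ld fixed=%ld\n",
           pinned_after(removexattr_leaky, NULL, 1000),
           pinned_after(removexattr_fixed, NULL, 1000));
    return 0;
}
```

In the model, the count of pinned references grows by one per failed call in the leaky shape and stays at zero in the hardened one, which is the property a regression test for this class of bug should assert.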
Affected Version(s)
Linux c03185f4a23e7f89d84c9981091770e876e64480 < 9a3a2ae5efbbcaed37551218abed94e23c537157
Linux c3a5e3e872f3688ae0dc57bb78ca633921d96a91