Memory Leak Vulnerability in Linux Kernel's AppArmor
CVE-2024-56741

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 29 December 2024

Summary

A memory leak vulnerability exists within the Linux kernel's AppArmor functionality, specifically in the aa_unpack_strdup() function. The issue arises from the use of kmemdup() to allocate a string, which is not properly freed, leading to memory leaks during execution. As a result, this oversight can cause unreferenced memory objects to accumulate, potentially impacting system performance and stability. Effective measures to address this vulnerability involve ensuring that allocated memory is properly released after use. System administrators and developers are encouraged to monitor and apply relevant kernel updates to mitigate any associated risks.

Affected Version(s)

Linux 4d944bcd4e731ab7bfe8d01a7041ea0ebdc090f1

Linux 4d944bcd4e731ab7bfe8d01a7041ea0ebdc090f1 < 5354599855a9b5568e05ce686119ee3ff8b19bd5

Linux 4d944bcd4e731ab7bfe8d01a7041ea0ebdc090f1 < 89265f88701e54dde255ddf862093baeca57548c

References

https://git.kernel.org/stable/c/f856246ff6da25c4f8fdd73a9...

https://git.kernel.org/stable/c/5354599855a9b5568e05ce686...

https://git.kernel.org/stable/c/89265f88701e54dde255ddf86...

Timeline

Vulnerability published
Dec 29, 2024
Vulnerability Reserved
Dec 29, 2024

Collectors

NVD DatabaseMitre Database