vulnerability
Debian: CVE-2024-41001: linux, linux-6.1 -- security update
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:N/A:C) | 07/12/2024 | 07/18/2024 | 01/30/2025 |
Description
In the Linux kernel, the following vulnerability has been resolved:
io_uring/sqpoll: work around a potential audit memory leak
kmemleak complains that there's a memory leak related to connect
handling:
unreferenced object 0xffff0001093bdf00 (size 128):
comm "iou-sqp-455", pid 457, jiffies 4294894164
hex dump (first 32 bytes):
02 00 fa ea 7f 00 00 01 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace (crc 2e481b1a):
[] kmemleak_alloc+0x30/0x38
[] kmalloc_trace+0x228/0x358
[] __audit_sockaddr+0xd0/0x138
[] move_addr_to_kernel+0x1a0/0x1f8
[] io_connect_prep+0x1ec/0x2d4
[] io_submit_sqes+0x588/0x1e48
[] io_sq_thread+0x8a4/0x10e4
[] ret_from_fork+0x10/0x20
which can can happen if:
1) The command type does something on the prep side that triggers an
audit call.
2) The thread hasn't done any operations before this that triggered
an audit call inside ->issue(), where we have audit_uring_entry()
and audit_uring_exit().
Work around this by issuing a blanket NOP operation before the SQPOLL
does anything.
Solution(s)
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.