CVE-2024-41001
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-41001
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-41001.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-41001
- Downstream
- Related
- Published
- 2024-07-12T13:15:21Z
- Modified
- 2025-08-09T20:01:27Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
io_uring/sqpoll: work around a potential audit memory leak
kmemleak complains that there's a memory leak related to connect handling:
unreferenced object 0xffff0001093bdf00 (size 128): comm "iou-sqp-455", pid 457, jiffies 4294894164 hex dump (first 32 bytes): 02 00 fa ea 7f 00 00 01 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace (crc 2e481b1a): [<00000000c0a26af4>] kmemleakalloc+0x30/0x38 [<000000009c30bb45>] kmalloctrace+0x228/0x358 [<000000009da9d39f>] _auditsockaddr+0xd0/0x138 [<0000000089a93e34>] moveaddrtokernel+0x1a0/0x1f8 [<000000000b4e80e6>] ioconnectprep+0x1ec/0x2d4 [<00000000abfbcd99>] iosubmitsqes+0x588/0x1e48 [<00000000e7c25e07>] iosqthread+0x8a4/0x10e4 [<00000000d999b491>] retfrom_fork+0x10/0x20
which can can happen if:
1) The command type does something on the prep side that triggers an audit call. 2) The thread hasn't done any operations before this that triggered an audit call inside ->issue(), where we have audituringentry() and audituringexit().
Work around this by issuing a blanket NOP operation before the SQPOLL does anything.
- References