CVE-2024-57841
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-57841
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-57841.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-57841
- Downstream
- Related
- Published
- 2025-01-15T13:10:26.842Z
- Modified
- 2025-11-27T19:35:34.039634Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- net: fix memory leak in tcp_conn_request()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
net: fix memory leak in tcpconnrequest()
If inetcskreqskqueuehashadd() return false, tcpconnrequest() will return without free the dst memory, which allocated in afops->route_req.
Here is the kmemleak stack:
unreferenced object 0xffff8881198631c0 (size 240): comm "softirq", pid 0, jiffies 4299266571 (age 1802.392s) hex dump (first 32 bytes): 00 10 9b 03 81 88 ff ff 80 98 da bc ff ff ff ff ................ 81 55 18 bb ff ff ff ff 00 00 00 00 00 00 00 00 .U.............. backtrace: [<ffffffffb93e8d4c>] kmemcachealloc+0x60c/0xa80 [<ffffffffba11b4c5>] dstalloc+0x55/0x250 [<ffffffffba227bf6>] rtdstalloc+0x46/0x1d0 [<ffffffffba23050a>] _mkrouteoutput+0x29a/0xa50 [<ffffffffba23456b>] iprouteoutputkeyhash+0x10b/0x240 [<ffffffffba2346bd>] iprouteoutputflow+0x1d/0x90 [<ffffffffba254855>] inetcskroutereq+0x2c5/0x500 [<ffffffffba26b331>] tcpconnrequest+0x691/0x12c0 [<ffffffffba27bd08>] tcprcvstateprocess+0x3c8/0x11b0 [<ffffffffba2965c6>] tcpv4dorcv+0x156/0x3b0 [<ffffffffba299c98>] tcpv4rcv+0x1cf8/0x1d80 [<ffffffffba239656>] ipprotocoldeliverrcu+0xf6/0x360 [<ffffffffba2399a6>] iplocaldeliverfinish+0xe6/0x1e0 [<ffffffffba239b8e>] iplocaldeliver+0xee/0x360 [<ffffffffba239ead>] iprcv+0xad/0x2f0 [<ffffffffba110943>] _netifreceiveskbone_core+0x123/0x140
Call dstrelease() to free the dst memory when inetcskreqskqueuehashadd() return false in tcpconnrequest().
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/blob/ee626f5d79d5817bb21d6f048dc0da4c4e383443/cves/2024/57xxx/CVE-2024-57841.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/2af69905180b3fea12f9c1db374b153a06977021
- https://git.kernel.org/stable/c/4f4aa4aa28142d53f8b06585c478476cfe325cfc
- https://git.kernel.org/stable/c/9d38959677291552d1b0ed2689a540af279b5bf8
- https://git.kernel.org/stable/c/b0b190218c78d8aeecfba36ea3a90063b3ede52d
- https://git.kernel.org/stable/c/de3f999bf8aee16e9da1c1224191abdc69e97c9d
- https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced527bec1f56ac7a2fceb8eb77eb0fc2678ecba394Fixed9d38959677291552d1b0ed2689a540af279b5bf8
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedc14f3c3793f7a785763e353df7fc40426187f832Fixedde3f999bf8aee16e9da1c1224191abdc69e97c9d
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedfdae4d139f4778b20a40c60705c53f5f146459b5Fixed2af69905180b3fea12f9c1db374b153a06977021
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedff46e3b4421923937b7f6e44ffcd3549a074f321Fixedb0b190218c78d8aeecfba36ea3a90063b3ede52d
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedff46e3b4421923937b7f6e44ffcd3549a074f321Fixed4f4aa4aa28142d53f8b06585c478476cfe325cfc
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected360892e60710427229fc1f7bb2218cf4d578229b
Linux / Kernel
Package
- Name
- Kernel