Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2024-56741

Опубликовано: 29 дек. 2024
Источник: redhat
CVSS3: 5.5

Описание

[REJECTED CVE] A vulnerability was suspected in the Linux kernel's AppArmor test suite due to memory leaks caused by the aa_unpack_strdup() function not freeing memory allocated via kmemdup(). However, this issue was confined to kernel unit tests (kunit_try_catch) and did not impact runtime security or user-space interactions. An attacker could not exploit this bug, as it involved internal test code paths with no exposure to unprivileged users.

Отчет

This CVE has been rejected upstream: https://lore.kernel.org/linux-cve-announce/2025030336-REJECTED-039a@gregkh/

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernelNot affected
Red Hat Enterprise Linux 8kernel-rtNot affected
Red Hat Enterprise Linux 9kernelNot affected
Red Hat Enterprise Linux 9kernel-rtNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-401
https://bugzilla.redhat.com/show_bug.cgi?id=2334808kernel: apparmor: test: Fix memory leak for aa_unpack_strdup()

5.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2024-56741

ubuntu
7 месяцев назад

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

nvd логотип

CVE-2024-56741

nvd
7 месяцев назад

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

msrc логотип

CVE-2024-56741

msrc
6 месяцев назад

Описание отсутствует

github логотип

GHSA-36r9-gj33-8p48

CVSS3: 5.5
github
7 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: apparmor: test: Fix memory leak for aa_unpack_strdup() The string allocated by kmemdup() in aa_unpack_strdup() is not freed and cause following memory leaks, free them to fix it. unreferenced object 0xffffff80c6af8a50 (size 8): comm "kunit_try_catch", pid 225, jiffies 4294894407 hex dump (first 8 bytes): 74 65 73 74 69 6e 67 00 testing. backtrace (crc 5eab668b): [<0000000001e3714d>] kmemleak_alloc+0x34/0x40 [<000000006e6c7776>] __kmalloc_node_track_caller_noprof+0x300/0x3e0 [<000000006870467c>] kmemdup_noprof+0x34/0x60 [<000000001176bb03>] aa_unpack_strdup+0xd0/0x18c [<000000008ecde918>] policy_unpack_test_unpack_strdup_with_null_name+0xf8/0x3ec [<0000000032ef8f77>] kunit_try_run_case+0x13c/0x3ac [<00000000f3edea23>] kunit_generic_run_threadfn_adapter+0x80/0xec [<00000000adf936cf>] kthread+0x2e8/0x374 [<0000000041bb1628>] ret_fro...

oracle-oval логотип

ELSA-2025-20095

oracle-oval
6 месяцев назад

ELSA-2025-20095: Unbreakable Enterprise kernel security update (IMPORTANT)

5.5 Medium

CVSS3