Lucene search
LinuxCVE-2024-41076HistoryJul 29, 2024 - 3:15 p.m.
CVE-2024-41076
2024-07-2915:15:15
CWE-401
Linux
web.nvd.nist.gov
30
linux kernel
nfsv4
memory leak
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
6.6
Confidence
Low
EPSS
0
Percentile
5.0%
In the Linux kernel, the following vulnerability has been resolved:
NFSv4: Fix memory leak in nfs4_set_security_label
We leak nfs_fattr and nfs4_label every time we set a security xattr.
Affected configurations
Node
linuxlinux_kernelRange<6.1.101
ORlinuxlinux_kernelRange6.2–6.6.42
ORlinuxlinux_kernelRange6.7–6.9.11
| Vendor | Product | Version | CPE |
|---|---|---|---|
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"fs/nfs/nfs4proc.c"
],
"versions": [
{
"version": "1da177e4c3f4",
"lessThan": "899604a7c958",
"status": "affected",
"versionType": "git"
},
{
"version": "1da177e4c3f4",
"lessThan": "b98090699319",
"status": "affected",
"versionType": "git"
},
{
"version": "1da177e4c3f4",
"lessThan": "d130220ccc94",
"status": "affected",
"versionType": "git"
},
{
"version": "1da177e4c3f4",
"lessThan": "aad11473f8f4",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"fs/nfs/nfs4proc.c"
],
"versions": [
{
"version": "6.1.101",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.42",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.11",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]Related
debiancve
debiancve
CVE-2024-41076
2024-07-29 15:15:15
redhatcve
redhatcve
CVE-2024-41076
2024-07-31 09:15:27
cvelist
cvelist
CVE-2024-41076 NFSv4: Fix memory leak in nfs4_set_security_label
2024-07-29 14:57:35
vulnrichment
vulnrichment
CVE-2024-41076 NFSv4: Fix memory leak in nfs4_set_security_label
2024-07-29 14:57:35
osv
osv
CVE-2024-41076
2024-07-29 15:15:15
Security update for the Linux Kernel
2024-08-13 14:05:51
Security update for the Linux Kernel
2024-08-14 07:24:46
cbl_mariner
cbl_mariner
CVE-2024-41076 affecting package kernel for versions less than 6.6.47.1-1
2024-08-27 05:08:14
nvd
nvd
CVE-2024-41076
2024-07-29 15:15:15
nessus
nessus
RHEL 9 : kernel-rt (RHSA-2024:5673)
2024-08-25 00:00:00
RHEL 9 : kernel (RHSA-2024:5672)
2024-08-25 00:00:00
RHEL 8 : kernel (RHSA-2024:6206)
2024-09-05 00:00:00
redhat
redhat
(RHSA-2024:5673) Important: kernel-rt security update
2024-08-21 00:10:13
(RHSA-2024:5672) Important: kernel security update
2024-08-21 00:10:06
oraclelinux
oraclelinux
kernel security update
2024-08-28 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2024-5.0-0345
2024-08-09 00:00:00
mageia
mageia
Updated kernel, kmod-xtables-addons & kmod-virtualbox packages fix security vulnerabilities
2024-08-07 08:49:38
Updated kernel-linus packages fix security vulnerabilities
2024-08-07 08:49:38
openvas
openvas
Mageia: Security Advisory (MGASA-2024-0277)
2024-08-07 00:00:00
Mageia: Security Advisory (MGASA-2024-0278)
2024-08-07 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:2901-1)
2024-08-15 00:00:00
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
6.6
Confidence
Low
EPSS
0
Percentile
5.0%
Related for CVE-2024-41076