CVE-2024-0443 Kernel: blkio memory leakage due to blkcg and some blkgs are not freed after they are made offline.

🗓️ 11 Jan 2024 23:30:52Reported by redhatType

CVE-2024-0443 Kernel: blkio memory leakage due to blkcg and some blkgs not free

Reporter	Title	Published	Views	Family All 128
IBM Security Bulletins	Security Bulletin: IBM Security Guardium is affected by multiple Kernel vulnerabilities	15 Apr 202502:29	–	ibm
BDU FSTEC	Vulnerability of the blkcgdestroy_blkgs() function (block/blk-cgroup.c) in the Linux kernel, allowing a malicious actor to cause service failure	17 Jan 202400:00	–	bdu_fstec
Circl	CVE-2024-0443	12 Jan 202401:51	–	circl
CNNVD	Linux kernel 安全漏洞	11 Jan 202400:00	–	cnnvd
CNVD	Linux kernel code issue vulnerability (CNVD-2024-08087)	16 Jan 202400:00	–	cnvd
CVE	CVE-2024-0443	11 Jan 202423:30	–	cve
Debian CVE	CVE-2024-0443	11 Jan 202423:30	–	debiancve
EUVD	EUVD-2024-16238	3 Oct 202520:07	–	euvd
NVD	CVE-2024-0443	12 Jan 202400:15	–	nvd
OSV	CVE-2024-0443	12 Jan 202400:15	–	osv

[
  {
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "6.4-rc7",
        "versionType": "semver"
      }
    ],
    "packageName": "kernel",
    "collectionURL": "https://git.kernel.org/pub/scm/linux/kernel",
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:4.18.0-513.5.1.el8_9",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8::baseos",
      "cpe:/a:redhat:enterprise_linux:8::crb"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:5.14.0-362.8.1.el9_3",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9::baseos",
      "cpe:/a:redhat:enterprise_linux:9::realtime",
      "cpe:/a:redhat:enterprise_linux:9::appstream",
      "cpe:/a:redhat:enterprise_linux:9::crb",
      "cpe:/a:redhat:enterprise_linux:9::nfv"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:5.14.0-362.8.1.el9_3",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9::baseos",
      "cpe:/a:redhat:enterprise_linux:9::realtime",
      "cpe:/a:redhat:enterprise_linux:9::appstream",
      "cpe:/a:redhat:enterprise_linux:9::crb",
      "cpe:/a:redhat:enterprise_linux:9::nfv"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:5.14.0-284.40.1.el9_2",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/o:redhat:rhel_eus:9.2::baseos",
      "cpe:/a:redhat:rhel_eus:9.2::crb",
      "cpe:/a:redhat:rhel_eus:9.2::appstream"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 6",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:6"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel-rt",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel-rt",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel-rt",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9"
    ]
  }
]

Source	Link
lore	www.lore.kernel.org/linux-block/[email protected]/
access	www.access.redhat.com/errata/RHSA-2023:7077
access	www.access.redhat.com/security/cve/CVE-2024-0443
access	www.access.redhat.com/errata/RHSA-2023:6583
access	www.access.redhat.com/errata/RHSA-2023:7370
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

07 Nov 2025 13:08Current

5.4Medium risk

Vulners AI Score5.4

CVSS 3.15.5

EPSS0.00013

CWE-402