Lucene search
LinuxCVELIST:CVE-2024-26860HistoryApr 17, 2024 - 10:27 a.m.
CVE-2024-26860 dm-integrity: fix a memory leak when rechecking the data
2024-04-1710:27:24
Linux
www.cve.org
linux kernel
vulnerability resolved
dm-integrity
memory leak
checksums
recheck
cve-2024-26860
In the Linux kernel, the following vulnerability has been resolved:
dm-integrity: fix a memory leak when rechecking the data
Memory for the “checksums” pointer will leak if the data is rechecked
after checksum failure (because the associated kfree won’t happen due
to ‘goto skip_io’).
Fix this by freeing the checksums memory before recheck, and just use
the “checksum_onstack” memory for storing checksum during recheck.
CNA Affected
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/md/dm-integrity.c"
],
"versions": [
{
"version": "906414f45964",
"lessThan": "20e21c3c0195",
"status": "affected",
"versionType": "git"
},
{
"version": "d6824a28b244",
"lessThan": "338580a7fb9b",
"status": "affected",
"versionType": "git"
},
{
"version": "eb7b14a6a923",
"lessThan": "74abc2fe0969",
"status": "affected",
"versionType": "git"
},
{
"version": "c88f5e553fe3",
"lessThan": "6d35654f03c3",
"status": "affected",
"versionType": "git"
},
{
"version": "c88f5e553fe3",
"lessThan": "55e565c42dce",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/md/dm-integrity.c"
],
"versions": [
{
"version": "6.8",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.8",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.83",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.23",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.11",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.2",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]References
git.kernel.org/stable/c/20e21c3c0195d915f33bc7321ee6b362177bf5bf
git.kernel.org/stable/c/338580a7fb9b0930bb38098007e89cc0fc496bf7
git.kernel.org/stable/c/55e565c42dce81a4e49c13262d5bc4eb4c2e588a
git.kernel.org/stable/c/6d35654f03c35c273240d85ec67e3f2c3596c4e0
git.kernel.org/stable/c/74abc2fe09691f3d836d8a54d599ca71f1e4287b
Related
nvd
nvd
CVE-2024-26860
2024-04-17 11:15:08
cve
cve
CVE-2024-26860
2024-04-17 11:15:08
redhatcve
redhatcve
CVE-2024-26860
2024-04-17 19:27:51
debiancve
debiancve
CVE-2024-26860
2024-04-17 11:15:08
ubuntucve
ubuntucve
CVE-2024-26860
2024-04-17 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6817-3)
2024-06-17 00:00:00
Ubuntu: Security Advisory (USN-6816-1)
2024-06-10 00:00:00
Ubuntu: Security Advisory (USN-6817-1)
2024-06-10 00:00:00
osv
osv
linux-aws, linux-gcp vulnerabilities
2024-06-07 18:49:30
linux-azure, linux-gke vulnerabilities
2024-06-14 17:24:38
linux-oem-6.8 vulnerabilities
2024-06-10 19:28:08
ubuntu
ubuntu
Linux kernel (Oracle) vulnerabilities
2024-07-04 00:00:00
Linux kernel vulnerabilities
2024-06-07 00:00:00
Linux kernel (OEM) vulnerabilities
2024-06-11 00:00:00
nessus
nessus
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6817-1)
2024-06-07 00:00:00
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6817-3)
2024-06-14 00:00:00
Ubuntu 24.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6817-2)
2024-06-10 00:00:00