CVE-2024-35882

2024-05-1900:00:00

ubuntu.com

linux kernel

sunrpc

vulnerability

memory leak

rpc-over-tcp

AI Score

6.5

Confidence

High

EPSS

Percentile

15.5%

JSON

In the Linux kernel, the following vulnerability has been resolved: SUNRPC:
Fix a slow server-side memory leak with RPC-over-TCP Jan Schunk reports
that his small NFS servers suffer from memory exhaustion after just a few
days. A bisect shows that commit e18e157bb5c8 (“SUNRPC: Send RPC message on
TCP with a single sock_sendmsg() call”) is the first bad commit. That
commit assumed that sock_sendmsg() releases all the pages in the underlying
bio_vec array, but the reality is that it doesn’t. svc_xprt_release()
releases the rqst’s response pages, but the record marker page fragment
isn’t one of those, so it is never released. This is a narrow fix that can
be applied to stable kernels. A more extensive fix is in the works.

OSVersionArchitecturePackageVersionFilename
ubuntu24.04noarchlinux< 6.8.0-38.38UNKNOWN
ubuntu24.04noarchlinux-aws< 6.8.0-1011.12UNKNOWN
ubuntu24.04noarchlinux-azure< 6.8.0-1010.10UNKNOWN
ubuntu24.04noarchlinux-gcp< 6.8.0-1010.11UNKNOWN
ubuntu24.04noarchlinux-gke< 6.8.0-1006.9UNKNOWN
ubuntu24.04noarchlinux-ibm< 6.8.0-1008.8UNKNOWN
ubuntu24.04noarchlinux-intel< 6.8.0-1007.14UNKNOWN
ubuntu24.04noarchlinux-lowlatency< 6.8.0-38.38.1UNKNOWN
ubuntu24.04noarchlinux-nvidia< 6.8.0-1009.9UNKNOWN
ubuntu24.04noarchlinux-oem-6.8< 6.8.0-1008.8UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	24.04	noarch	linux	< 6.8.0-38.38	UNKNOWN
ubuntu	24.04	noarch	linux-aws	< 6.8.0-1011.12	UNKNOWN
ubuntu	24.04	noarch	linux-azure	< 6.8.0-1010.10	UNKNOWN
ubuntu	24.04	noarch	linux-gcp	< 6.8.0-1010.11	UNKNOWN
ubuntu	24.04	noarch	linux-gke	< 6.8.0-1006.9	UNKNOWN
ubuntu	24.04	noarch	linux-ibm	< 6.8.0-1008.8	UNKNOWN
ubuntu	24.04	noarch	linux-intel	< 6.8.0-1007.14	UNKNOWN
ubuntu	24.04	noarch	linux-lowlatency	< 6.8.0-38.38.1	UNKNOWN
ubuntu	24.04	noarch	linux-nvidia	< 6.8.0-1009.9	UNKNOWN
ubuntu	24.04	noarch	linux-oem-6.8	< 6.8.0-1008.8	UNKNOWN