Vulnerabilities > CVE-2024-50119 - Unspecified vulnerability in Linux Kernel

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

linux

NVD

Published: 2024-11-05

Updated: 2024-11-08

Summary

In the Linux kernel, the following vulnerability has been resolved: cifs: fix warning when destroy 'cifs_io_request_pool' There's a issue as follows: WARNING: CPU: 1 PID: 27826 at mm/slub.c:4698 free_large_kmalloc+0xac/0xe0 RIP: 0010:free_large_kmalloc+0xac/0xe0 Call Trace: <TASK> ? __warn+0xea/0x330 mempool_destroy+0x13f/0x1d0 init_cifs+0xa50/0xff0 [cifs] do_one_initcall+0xdc/0x550 do_init_module+0x22d/0x6b0 load_module+0x4e96/0x5ff0 init_module_from_file+0xcd/0x130 idempotent_init_module+0x330/0x620 __x64_sys_finit_module+0xb3/0x110 do_syscall_64+0xc1/0x1d0 entry_SYSCALL_64_after_hwframe+0x77/0x7f Obviously, 'cifs_io_request_pool' is not created by mempool_create(). So just use mempool_exit() to revert 'cifs_io_request_pool'.

Vulnerable Configurations

Part	Description	Count
OS	Linux Linux Linux Kernel 6.12 Linux Linux Kernel 6.10 Linux Linux Kernel 6.10.0 Linux Linux Kernel 6.10.1 Linux Linux Kernel 6.10.2 Linux Linux Kernel 6.10.3 Linux Linux Kernel 6.10.4 Linux Linux Kernel 6.10.5 Linux Linux Kernel 6.10.6 Linux Linux Kernel 6.10.7 Linux Linux Kernel 6.10.8 Linux Linux Kernel 6.10.9 Linux Linux Kernel 6.10.10 Linux Linux Kernel 6.10.11 Linux Linux Kernel 6.10.12 Linux Linux Kernel 6.10.13 Linux Linux Kernel 6.10.14 Linux Linux Kernel 6.11 Linux Linux Kernel 6.11.1 Linux Linux Kernel 6.11.2 Linux Linux Kernel 6.11.3 Linux Linux Kernel 6.11.4 Linux Linux Kernel 6.11.5	43

Summary

Vulnerable Configurations

References