{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-26840", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-19T14:20:24.182Z", "datePublished": "2024-04-17T10:10:06.180Z", "dateUpdated": "2025-05-04T08:57:42.799Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T08:57:42.799Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncachefiles: fix memory leak in cachefiles_add_cache()\n\nThe following memory leak was reported after unbinding /dev/cachefiles:\n\n==================================================================\nunreferenced object 0xffff9b674176e3c0 (size 192):\n comm \"cachefilesd2\", pid 680, jiffies 4294881224\n hex dump (first 32 bytes):\n 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc ea38a44b):\n [<ffffffff8eb8a1a5>] kmem_cache_alloc+0x2d5/0x370\n [<ffffffff8e917f86>] prepare_creds+0x26/0x2e0\n [<ffffffffc002eeef>] cachefiles_determine_cache_security+0x1f/0x120\n [<ffffffffc00243ec>] cachefiles_add_cache+0x13c/0x3a0\n [<ffffffffc0025216>] cachefiles_daemon_write+0x146/0x1c0\n [<ffffffff8ebc4a3b>] vfs_write+0xcb/0x520\n [<ffffffff8ebc5069>] ksys_write+0x69/0xf0\n [<ffffffff8f6d4662>] do_syscall_64+0x72/0x140\n [<ffffffff8f8000aa>] entry_SYSCALL_64_after_hwframe+0x6e/0x76\n==================================================================\n\nPut the reference count of cache_cred in cachefiles_daemon_unbind() to\nfix the problem. And also put cache_cred in cachefiles_add_cache() error\nbranch to avoid memory leaks."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/cachefiles/cache.c", "fs/cachefiles/daemon.c"], "versions": [{"version": "9ae326a69004dea8af2dae4fde58de27db700a8d", "lessThan": "cb5466783793e66272624cf71925ae1d1ba32083", "status": "affected", "versionType": "git"}, {"version": "9ae326a69004dea8af2dae4fde58de27db700a8d", "lessThan": "037d5a949b0455540ef9aab34c10ddf54b65d285", "status": "affected", "versionType": "git"}, {"version": "9ae326a69004dea8af2dae4fde58de27db700a8d", "lessThan": "43eccc5823732ba6daab2511ed32dfc545a666d8", "status": "affected", "versionType": "git"}, {"version": "9ae326a69004dea8af2dae4fde58de27db700a8d", "lessThan": "94965be37add0983672e48ecb33cdbda92b62579", "status": "affected", "versionType": "git"}, {"version": "9ae326a69004dea8af2dae4fde58de27db700a8d", "lessThan": "8b218e2f0a27a9f09428b1847b4580640b9d1e58", "status": "affected", "versionType": "git"}, {"version": "9ae326a69004dea8af2dae4fde58de27db700a8d", "lessThan": "38e921616320d159336b0ffadb09e9fb4945c7c3", "status": "affected", "versionType": "git"}, {"version": "9ae326a69004dea8af2dae4fde58de27db700a8d", "lessThan": "9cac69912052a4def571fedf1cb9bb4ec590e25a", "status": "affected", "versionType": "git"}, {"version": "9ae326a69004dea8af2dae4fde58de27db700a8d", "lessThan": "e21a2f17566cbd64926fb8f16323972f7a064444", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/cachefiles/cache.c", "fs/cachefiles/daemon.c"], "versions": [{"version": "2.6.30", "status": "affected"}, {"version": "0", "lessThan": "2.6.30", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.309", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.271", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.212", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.151", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.80", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.19", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7.7", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.30", "versionEndExcluding": "4.19.309"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.30", "versionEndExcluding": "5.4.271"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.30", "versionEndExcluding": "5.10.212"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.30", "versionEndExcluding": "5.15.151"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.30", "versionEndExcluding": "6.1.80"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.30", "versionEndExcluding": "6.6.19"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.30", "versionEndExcluding": "6.7.7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.30", "versionEndExcluding": "6.8"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/cb5466783793e66272624cf71925ae1d1ba32083"}, {"url": "https://git.kernel.org/stable/c/037d5a949b0455540ef9aab34c10ddf54b65d285"}, {"url": "https://git.kernel.org/stable/c/43eccc5823732ba6daab2511ed32dfc545a666d8"}, {"url": "https://git.kernel.org/stable/c/94965be37add0983672e48ecb33cdbda92b62579"}, {"url": "https://git.kernel.org/stable/c/8b218e2f0a27a9f09428b1847b4580640b9d1e58"}, {"url": "https://git.kernel.org/stable/c/38e921616320d159336b0ffadb09e9fb4945c7c3"}, {"url": "https://git.kernel.org/stable/c/9cac69912052a4def571fedf1cb9bb4ec590e25a"}, {"url": "https://git.kernel.org/stable/c/e21a2f17566cbd64926fb8f16323972f7a064444"}], "title": "cachefiles: fix memory leak in cachefiles_add_cache()", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-26840", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-28T19:58:24.475717Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:49:17.204Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:14:13.702Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/cb5466783793e66272624cf71925ae1d1ba32083", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/037d5a949b0455540ef9aab34c10ddf54b65d285", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/43eccc5823732ba6daab2511ed32dfc545a666d8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/94965be37add0983672e48ecb33cdbda92b62579", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8b218e2f0a27a9f09428b1847b4580640b9d1e58", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/38e921616320d159336b0ffadb09e9fb4945c7c3", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9cac69912052a4def571fedf1cb9bb4ec590e25a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e21a2f17566cbd64926fb8f16323972f7a064444", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/cb5466783793e66272624cf71925ae1d1ba32083", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/037d5a949b0455540ef9aab34c10ddf54b65d285", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/43eccc5823732ba6daab2511ed32dfc545a666d8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/94965be37add0983672e48ecb33cdbda92b62579", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8b218e2f0a27a9f09428b1847b4580640b9d1e58", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/38e921616320d159336b0ffadb09e9fb4945c7c3", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9cac69912052a4def571fedf1cb9bb4ec590e25a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e21a2f17566cbd64926fb8f16323972f7a064444", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:14:13.702Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-26840", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-28T19:58:24.475717Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-28T19:58:28.826Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "cachefiles: fix memory leak in cachefiles_add_cache()", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "9ae326a69004dea8af2dae4fde58de27db700a8d", "lessThan": "cb5466783793e66272624cf71925ae1d1ba32083", "versionType": "git"}, {"status": "affected", "version": "9ae326a69004dea8af2dae4fde58de27db700a8d", "lessThan": "037d5a949b0455540ef9aab34c10ddf54b65d285", "versionType": "git"}, {"status": "affected", "version": "9ae326a69004dea8af2dae4fde58de27db700a8d", "lessThan": "43eccc5823732ba6daab2511ed32dfc545a666d8", "versionType": "git"}, {"status": "affected", "version": "9ae326a69004dea8af2dae4fde58de27db700a8d", "lessThan": "94965be37add0983672e48ecb33cdbda92b62579", "versionType": "git"}, {"status": "affected", "version": "9ae326a69004dea8af2dae4fde58de27db700a8d", "lessThan": "8b218e2f0a27a9f09428b1847b4580640b9d1e58", "versionType": "git"}, {"status": "affected", "version": "9ae326a69004dea8af2dae4fde58de27db700a8d", "lessThan": "38e921616320d159336b0ffadb09e9fb4945c7c3", "versionType": "git"}, {"status": "affected", "version": "9ae326a69004dea8af2dae4fde58de27db700a8d", "lessThan": "9cac69912052a4def571fedf1cb9bb4ec590e25a", "versionType": "git"}, {"status": "affected", "version": "9ae326a69004dea8af2dae4fde58de27db700a8d", "lessThan": "e21a2f17566cbd64926fb8f16323972f7a064444", "versionType": "git"}], "programFiles": ["fs/cachefiles/cache.c", "fs/cachefiles/daemon.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "2.6.30"}, {"status": "unaffected", "version": "0", "lessThan": "2.6.30", "versionType": "semver"}, {"status": "unaffected", "version": "4.19.309", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.271", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.212", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.151", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.80", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.19", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.7", "versionType": "semver", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["fs/cachefiles/cache.c", "fs/cachefiles/daemon.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/cb5466783793e66272624cf71925ae1d1ba32083"}, {"url": "https://git.kernel.org/stable/c/037d5a949b0455540ef9aab34c10ddf54b65d285"}, {"url": "https://git.kernel.org/stable/c/43eccc5823732ba6daab2511ed32dfc545a666d8"}, {"url": "https://git.kernel.org/stable/c/94965be37add0983672e48ecb33cdbda92b62579"}, {"url": "https://git.kernel.org/stable/c/8b218e2f0a27a9f09428b1847b4580640b9d1e58"}, {"url": "https://git.kernel.org/stable/c/38e921616320d159336b0ffadb09e9fb4945c7c3"}, {"url": "https://git.kernel.org/stable/c/9cac69912052a4def571fedf1cb9bb4ec590e25a"}, {"url": "https://git.kernel.org/stable/c/e21a2f17566cbd64926fb8f16323972f7a064444"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncachefiles: fix memory leak in cachefiles_add_cache()\n\nThe following memory leak was reported after unbinding /dev/cachefiles:\n\n==================================================================\nunreferenced object 0xffff9b674176e3c0 (size 192):\n comm \"cachefilesd2\", pid 680, jiffies 4294881224\n hex dump (first 32 bytes):\n 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc ea38a44b):\n [<ffffffff8eb8a1a5>] kmem_cache_alloc+0x2d5/0x370\n [<ffffffff8e917f86>] prepare_creds+0x26/0x2e0\n [<ffffffffc002eeef>] cachefiles_determine_cache_security+0x1f/0x120\n [<ffffffffc00243ec>] cachefiles_add_cache+0x13c/0x3a0\n [<ffffffffc0025216>] cachefiles_daemon_write+0x146/0x1c0\n [<ffffffff8ebc4a3b>] vfs_write+0xcb/0x520\n [<ffffffff8ebc5069>] ksys_write+0x69/0xf0\n [<ffffffff8f6d4662>] do_syscall_64+0x72/0x140\n [<ffffffff8f8000aa>] entry_SYSCALL_64_after_hwframe+0x6e/0x76\n==================================================================\n\nPut the reference count of cache_cred in cachefiles_daemon_unbind() to\nfix the problem. And also put cache_cred in cachefiles_add_cache() error\nbranch to avoid memory leaks."}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.19.309", "versionStartIncluding": "2.6.30"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.4.271", "versionStartIncluding": "2.6.30"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.212", "versionStartIncluding": "2.6.30"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.15.151", "versionStartIncluding": "2.6.30"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.1.80", "versionStartIncluding": "2.6.30"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.6.19", "versionStartIncluding": "2.6.30"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.7.7", "versionStartIncluding": "2.6.30"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.8", "versionStartIncluding": "2.6.30"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T08:57:42.799Z"}}}, "cveMetadata": {"cveId": "CVE-2024-26840", "state": "PUBLISHED", "dateUpdated": "2025-05-04T08:57:42.799Z", "dateReserved": "2024-02-19T14:20:24.182Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-04-17T10:10:06.180Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE617771-4A89-47F5-8CAC-2B6D1E6C93E1", "versionEndExcluding": "4.19.309", "versionStartIncluding": "2.6.30", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "7BE17E30-58A5-468C-A06E-28C355F4F8DD", "versionEndExcluding": "5.4.271", "versionStartIncluding": "4.20", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "01B34738-A022-44A9-9250-DCBC76539CB9", "versionEndExcluding": "5.10.212", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "EEAFD33E-C22F-4FB1-A417-9C96AB3E0358", "versionEndExcluding": "5.15.151", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "BA7850CE-97C9-4408-A348-6173296BCA2B", "versionEndExcluding": "6.1.80", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "8D82004C-B2AE-4048-9344-32EFF65953B0", "versionEndExcluding": "6.6.19", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "575EE16B-67F2-4B5B-B5F8-1877715C898B", "versionEndExcluding": "6.7.7", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*", "matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*", "matchCriteriaId": "F02056A5-B362-4370-9FF8-6F0BD384D520", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*", "matchCriteriaId": "62075ACE-B2A0-4B16-829D-B3DA5AE5CC41", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc5:*:*:*:*:*:*", "matchCriteriaId": "A780F817-2A77-4130-A9B7-5C25606314E3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncachefiles: fix memory leak in cachefiles_add_cache()\n\nThe following memory leak was reported after unbinding /dev/cachefiles:\n\n==================================================================\nunreferenced object 0xffff9b674176e3c0 (size 192):\n comm \"cachefilesd2\", pid 680, jiffies 4294881224\n hex dump (first 32 bytes):\n 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc ea38a44b):\n [<ffffffff8eb8a1a5>] kmem_cache_alloc+0x2d5/0x370\n [<ffffffff8e917f86>] prepare_creds+0x26/0x2e0\n [<ffffffffc002eeef>] cachefiles_determine_cache_security+0x1f/0x120\n [<ffffffffc00243ec>] cachefiles_add_cache+0x13c/0x3a0\n [<ffffffffc0025216>] cachefiles_daemon_write+0x146/0x1c0\n [<ffffffff8ebc4a3b>] vfs_write+0xcb/0x520\n [<ffffffff8ebc5069>] ksys_write+0x69/0xf0\n [<ffffffff8f6d4662>] do_syscall_64+0x72/0x140\n [<ffffffff8f8000aa>] entry_SYSCALL_64_after_hwframe+0x6e/0x76\n==================================================================\n\nPut the reference count of cache_cred in cachefiles_daemon_unbind() to\nfix the problem. And also put cache_cred in cachefiles_add_cache() error\nbranch to avoid memory leaks."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: cachefiles: corrige la p\u00e9rdida de memoria en cachefiles_add_cache() Se inform\u00f3 la siguiente p\u00e9rdida de memoria despu\u00e9s de desvincular /dev/cachefiles: ================= ==================================================== objeto sin referencia 0xffff9b674176e3c0 (tama\u00f1o 192): comm \"cachefilesd2\", pid 680, jiffies 4294881224 volcado hexadecimal (primeros 32 bytes): 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ retroceso (crc ea38a44b): [ ] kmem_cache_alloc+0x2d5/0x370 [] prepare_creds+0x26/0x2e0 [] cachefiles_determine_cache_security+0x1f/0x120 [] cachefiles_add_cache+0x13c/0x 3a0 [] cachefiles_daemon_write+0x146/0x1c0 [ ] vfs_write+0xcb/0x520 [] ksys_write+0x69/0xf0 [] do_syscall_64+0x72/0x140 [] Entry_SYSCALL_64_after_hwframe+0x6e/0x76 =============== ==================================================== == Coloque el recuento de referencias de cache_cred en cachefiles_daemon_unbind() para solucionar el problema. Y tambi\u00e9n coloque cache_cred en la rama de error cachefiles_add_cache() para evitar p\u00e9rdidas de memoria."}], "id": "CVE-2024-26840", "lastModified": "2025-01-07T17:13:19.863", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-04-17T10:15:09.910", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/037d5a949b0455540ef9aab34c10ddf54b65d285"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/38e921616320d159336b0ffadb09e9fb4945c7c3"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/43eccc5823732ba6daab2511ed32dfc545a666d8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/8b218e2f0a27a9f09428b1847b4580640b9d1e58"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/94965be37add0983672e48ecb33cdbda92b62579"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9cac69912052a4def571fedf1cb9bb4ec590e25a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/cb5466783793e66272624cf71925ae1d1ba32083"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e21a2f17566cbd64926fb8f16323972f7a064444"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/037d5a949b0455540ef9aab34c10ddf54b65d285"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/38e921616320d159336b0ffadb09e9fb4945c7c3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/43eccc5823732ba6daab2511ed32dfc545a666d8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/8b218e2f0a27a9f09428b1847b4580640b9d1e58"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/94965be37add0983672e48ecb33cdbda92b62579"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9cac69912052a4def571fedf1cb9bb4ec590e25a"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/cb5466783793e66272624cf71925ae1d1ba32083"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e21a2f17566cbd64926fb8f16323972f7a064444"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2024:5102", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-08-08T00:00:00Z"}, {"advisory": "RHSA-2024:5101", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-553.16.1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-08-08T00:00:00Z"}, {"advisory": "RHSA-2024:9315", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}, {"advisory": "RHSA-2024:9315", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}, {"advisory": "RHSA-2025:7526", "cpe": "cpe:/a:redhat:rhel_eus:9.4", "package": "kernel-0:5.14.0-427.68.1.el9_4", "product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date": "2025-05-14T00:00:00Z"}], "bugzilla": {"description": "kernel: cachefiles: fix memory leak in cachefiles_add_cache()", "id": "2275573", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275573"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "status": "verified"}, "cwe": "CWE-402", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ncachefiles: fix memory leak in cachefiles_add_cache()\nThe following memory leak was reported after unbinding /dev/cachefiles:\n==================================================================\nunreferenced object 0xffff9b674176e3c0 (size 192):\ncomm \"cachefilesd2\", pid 680, jiffies 4294881224\nhex dump (first 32 bytes):\n01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\nbacktrace (crc ea38a44b):\n[<ffffffff8eb8a1a5>] kmem_cache_alloc+0x2d5/0x370\n[<ffffffff8e917f86>] prepare_creds+0x26/0x2e0\n[<ffffffffc002eeef>] cachefiles_determine_cache_security+0x1f/0x120\n[<ffffffffc00243ec>] cachefiles_add_cache+0x13c/0x3a0\n[<ffffffffc0025216>] cachefiles_daemon_write+0x146/0x1c0\n[<ffffffff8ebc4a3b>] vfs_write+0xcb/0x520\n[<ffffffff8ebc5069>] ksys_write+0x69/0xf0\n[<ffffffff8f6d4662>] do_syscall_64+0x72/0x140\n[<ffffffff8f8000aa>] entry_SYSCALL_64_after_hwframe+0x6e/0x76\n==================================================================\nPut the reference count of cache_cred in cachefiles_daemon_unbind() to\nfix the problem. And also put cache_cred in cachefiles_add_cache() error\nbranch to avoid memory leaks."], "name": "CVE-2024-26840", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-04-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-26840\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-26840\nhttps://lore.kernel.org/linux-cve-announce/2024041715-CVE-2024-26840-057d@gregkh/T"], "threat_severity": "Low"}

{}