{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-26894", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-19T14:20:24.186Z", "datePublished": "2024-04-17T10:27:45.960Z", "dateUpdated": "2024-11-05T09:17:46.274Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:17:46.274Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: processor_idle: Fix memory leak in acpi_processor_power_exit()\n\nAfter unregistering the CPU idle device, the memory associated with\nit is not freed, leading to a memory leak:\n\nunreferenced object 0xffff896282f6c000 (size 1024):\n comm \"swapper/0\", pid 1, jiffies 4294893170\n hex dump (first 32 bytes):\n 00 00 00 00 0b 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc 8836a742):\n [<ffffffff993495ed>] kmalloc_trace+0x29d/0x340\n [<ffffffff9972f3b3>] acpi_processor_power_init+0xf3/0x1c0\n [<ffffffff9972d263>] __acpi_processor_start+0xd3/0xf0\n [<ffffffff9972d2bc>] acpi_processor_start+0x2c/0x50\n [<ffffffff99805872>] really_probe+0xe2/0x480\n [<ffffffff99805c98>] __driver_probe_device+0x78/0x160\n [<ffffffff99805daf>] driver_probe_device+0x1f/0x90\n [<ffffffff9980601e>] __driver_attach+0xce/0x1c0\n [<ffffffff99803170>] bus_for_each_dev+0x70/0xc0\n [<ffffffff99804822>] bus_add_driver+0x112/0x210\n [<ffffffff99807245>] driver_register+0x55/0x100\n [<ffffffff9aee4acb>] acpi_processor_driver_init+0x3b/0xc0\n [<ffffffff990012d1>] do_one_initcall+0x41/0x300\n [<ffffffff9ae7c4b0>] kernel_init_freeable+0x320/0x470\n [<ffffffff99b231f6>] kernel_init+0x16/0x1b0\n [<ffffffff99042e6d>] ret_from_fork+0x2d/0x50\n\nFix this by freeing the CPU idle device after unregistering it."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/acpi/processor_idle.c"], "versions": [{"version": "3d339dcbb56d", "lessThan": "d351bcadab6c", "status": "affected", "versionType": "git"}, {"version": "3d339dcbb56d", "lessThan": "ea96bf3f8062", "status": "affected", "versionType": "git"}, {"version": "3d339dcbb56d", "lessThan": "c2a30c81bf3c", "status": "affected", "versionType": "git"}, {"version": "3d339dcbb56d", "lessThan": "1cbaf4c793b0", "status": "affected", "versionType": "git"}, {"version": "3d339dcbb56d", "lessThan": "fad9bcd4d754", "status": "affected", "versionType": "git"}, {"version": "3d339dcbb56d", "lessThan": "3d48e5be1074", "status": "affected", "versionType": "git"}, {"version": "3d339dcbb56d", "lessThan": "8d14a4d0afb4", "status": "affected", "versionType": "git"}, {"version": "3d339dcbb56d", "lessThan": "cd5c2d0b09d5", "status": "affected", "versionType": "git"}, {"version": "3d339dcbb56d", "lessThan": "e18afcb7b2a1", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/acpi/processor_idle.c"], "versions": [{"version": "3.7", "status": "affected"}, {"version": "0", "lessThan": "3.7", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.311", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.273", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.214", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.153", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.83", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.23", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7.11", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8.2", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/d351bcadab6caa6d8ce7159ff4b77e2da35c09fa"}, {"url": "https://git.kernel.org/stable/c/ea96bf3f80625cddba1391a87613356b1b45716d"}, {"url": "https://git.kernel.org/stable/c/c2a30c81bf3cb9033fa9f5305baf7c377075e2e5"}, {"url": "https://git.kernel.org/stable/c/1cbaf4c793b0808532f4e7b40bc4be7cec2c78f2"}, {"url": "https://git.kernel.org/stable/c/fad9bcd4d754cc689c19dc04d2c44b82c1a5d6c8"}, {"url": "https://git.kernel.org/stable/c/3d48e5be107429ff5d824e7f2a00d1b610d36fbc"}, {"url": "https://git.kernel.org/stable/c/8d14a4d0afb49a5b8535d414c782bb334860e73e"}, {"url": "https://git.kernel.org/stable/c/cd5c2d0b09d5b6d3f0a7bbabe6761a4997e9dee9"}, {"url": "https://git.kernel.org/stable/c/e18afcb7b2a12b635ac10081f943fcf84ddacc51"}], "title": "ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit()", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:21:05.515Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/d351bcadab6caa6d8ce7159ff4b77e2da35c09fa", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ea96bf3f80625cddba1391a87613356b1b45716d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c2a30c81bf3cb9033fa9f5305baf7c377075e2e5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/1cbaf4c793b0808532f4e7b40bc4be7cec2c78f2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/fad9bcd4d754cc689c19dc04d2c44b82c1a5d6c8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/3d48e5be107429ff5d824e7f2a00d1b610d36fbc", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8d14a4d0afb49a5b8535d414c782bb334860e73e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/cd5c2d0b09d5b6d3f0a7bbabe6761a4997e9dee9", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e18afcb7b2a12b635ac10081f943fcf84ddacc51", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-770", "lang": "en", "description": "CWE-770 Allocation of Resources Without Limits or Throttling"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-08-08T17:57:02.625314Z", "id": "CVE-2024-26894", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-31T17:13:39.994Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/d351bcadab6caa6d8ce7159ff4b77e2da35c09fa", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ea96bf3f80625cddba1391a87613356b1b45716d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c2a30c81bf3cb9033fa9f5305baf7c377075e2e5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/1cbaf4c793b0808532f4e7b40bc4be7cec2c78f2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/fad9bcd4d754cc689c19dc04d2c44b82c1a5d6c8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/3d48e5be107429ff5d824e7f2a00d1b610d36fbc", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8d14a4d0afb49a5b8535d414c782bb334860e73e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/cd5c2d0b09d5b6d3f0a7bbabe6761a4997e9dee9", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e18afcb7b2a12b635ac10081f943fcf84ddacc51", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:21:05.515Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-26894", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-08T17:57:02.625314Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-770", "description": "CWE-770 Allocation of Resources Without Limits or Throttling"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-04-25T17:46:39.897Z"}}], "cna": {"title": "ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit()", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "3d339dcbb56d", "lessThan": "d351bcadab6c", "versionType": "git"}, {"status": "affected", "version": "3d339dcbb56d", "lessThan": "ea96bf3f8062", "versionType": "git"}, {"status": "affected", "version": "3d339dcbb56d", "lessThan": "c2a30c81bf3c", "versionType": "git"}, {"status": "affected", "version": "3d339dcbb56d", "lessThan": "1cbaf4c793b0", "versionType": "git"}, {"status": "affected", "version": "3d339dcbb56d", "lessThan": "fad9bcd4d754", "versionType": "git"}, {"status": "affected", "version": "3d339dcbb56d", "lessThan": "3d48e5be1074", "versionType": "git"}, {"status": "affected", "version": "3d339dcbb56d", "lessThan": "8d14a4d0afb4", "versionType": "git"}, {"status": "affected", "version": "3d339dcbb56d", "lessThan": "cd5c2d0b09d5", "versionType": "git"}, {"status": "affected", "version": "3d339dcbb56d", "lessThan": "e18afcb7b2a1", "versionType": "git"}], "programFiles": ["drivers/acpi/processor_idle.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "3.7"}, {"status": "unaffected", "version": "0", "lessThan": "3.7", "versionType": "semver"}, {"status": "unaffected", "version": "4.19.311", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.273", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.214", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.153", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.83", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.23", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.11", "versionType": "semver", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8.2", "versionType": "semver", "lessThanOrEqual": "6.8.*"}, {"status": "unaffected", "version": "6.9", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/acpi/processor_idle.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/d351bcadab6caa6d8ce7159ff4b77e2da35c09fa"}, {"url": "https://git.kernel.org/stable/c/ea96bf3f80625cddba1391a87613356b1b45716d"}, {"url": "https://git.kernel.org/stable/c/c2a30c81bf3cb9033fa9f5305baf7c377075e2e5"}, {"url": "https://git.kernel.org/stable/c/1cbaf4c793b0808532f4e7b40bc4be7cec2c78f2"}, {"url": "https://git.kernel.org/stable/c/fad9bcd4d754cc689c19dc04d2c44b82c1a5d6c8"}, {"url": "https://git.kernel.org/stable/c/3d48e5be107429ff5d824e7f2a00d1b610d36fbc"}, {"url": "https://git.kernel.org/stable/c/8d14a4d0afb49a5b8535d414c782bb334860e73e"}, {"url": "https://git.kernel.org/stable/c/cd5c2d0b09d5b6d3f0a7bbabe6761a4997e9dee9"}, {"url": "https://git.kernel.org/stable/c/e18afcb7b2a12b635ac10081f943fcf84ddacc51"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: processor_idle: Fix memory leak in acpi_processor_power_exit()\n\nAfter unregistering the CPU idle device, the memory associated with\nit is not freed, leading to a memory leak:\n\nunreferenced object 0xffff896282f6c000 (size 1024):\n comm \"swapper/0\", pid 1, jiffies 4294893170\n hex dump (first 32 bytes):\n 00 00 00 00 0b 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc 8836a742):\n [<ffffffff993495ed>] kmalloc_trace+0x29d/0x340\n [<ffffffff9972f3b3>] acpi_processor_power_init+0xf3/0x1c0\n [<ffffffff9972d263>] __acpi_processor_start+0xd3/0xf0\n [<ffffffff9972d2bc>] acpi_processor_start+0x2c/0x50\n [<ffffffff99805872>] really_probe+0xe2/0x480\n [<ffffffff99805c98>] __driver_probe_device+0x78/0x160\n [<ffffffff99805daf>] driver_probe_device+0x1f/0x90\n [<ffffffff9980601e>] __driver_attach+0xce/0x1c0\n [<ffffffff99803170>] bus_for_each_dev+0x70/0xc0\n [<ffffffff99804822>] bus_add_driver+0x112/0x210\n [<ffffffff99807245>] driver_register+0x55/0x100\n [<ffffffff9aee4acb>] acpi_processor_driver_init+0x3b/0xc0\n [<ffffffff990012d1>] do_one_initcall+0x41/0x300\n [<ffffffff9ae7c4b0>] kernel_init_freeable+0x320/0x470\n [<ffffffff99b231f6>] kernel_init+0x16/0x1b0\n [<ffffffff99042e6d>] ret_from_fork+0x2d/0x50\n\nFix this by freeing the CPU idle device after unregistering it."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:17:46.274Z"}}}, "cveMetadata": {"cveId": "CVE-2024-26894", "state": "PUBLISHED", "dateUpdated": "2024-11-05T09:17:46.274Z", "dateReserved": "2024-02-19T14:20:24.186Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-04-17T10:27:45.960Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: processor_idle: Fix memory leak in acpi_processor_power_exit()\n\nAfter unregistering the CPU idle device, the memory associated with\nit is not freed, leading to a memory leak:\n\nunreferenced object 0xffff896282f6c000 (size 1024):\n comm \"swapper/0\", pid 1, jiffies 4294893170\n hex dump (first 32 bytes):\n 00 00 00 00 0b 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc 8836a742):\n [<ffffffff993495ed>] kmalloc_trace+0x29d/0x340\n [<ffffffff9972f3b3>] acpi_processor_power_init+0xf3/0x1c0\n [<ffffffff9972d263>] __acpi_processor_start+0xd3/0xf0\n [<ffffffff9972d2bc>] acpi_processor_start+0x2c/0x50\n [<ffffffff99805872>] really_probe+0xe2/0x480\n [<ffffffff99805c98>] __driver_probe_device+0x78/0x160\n [<ffffffff99805daf>] driver_probe_device+0x1f/0x90\n [<ffffffff9980601e>] __driver_attach+0xce/0x1c0\n [<ffffffff99803170>] bus_for_each_dev+0x70/0xc0\n [<ffffffff99804822>] bus_add_driver+0x112/0x210\n [<ffffffff99807245>] driver_register+0x55/0x100\n [<ffffffff9aee4acb>] acpi_processor_driver_init+0x3b/0xc0\n [<ffffffff990012d1>] do_one_initcall+0x41/0x300\n [<ffffffff9ae7c4b0>] kernel_init_freeable+0x320/0x470\n [<ffffffff99b231f6>] kernel_init+0x16/0x1b0\n [<ffffffff99042e6d>] ret_from_fork+0x2d/0x50\n\nFix this by freeing the CPU idle device after unregistering it."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ACPI: procesador_idle: corrige la p\u00e9rdida de memoria en acpi_processor_power_exit() Despu\u00e9s de cancelar el registro del dispositivo de CPU inactivo, la memoria asociada con \u00e9l no se libera, lo que genera una p\u00e9rdida de memoria: objeto sin referencia 0xffff896282f6c000 (tama\u00f1o 1024): comunicaci\u00f3n \"swapper/0\", pid 1, santiam\u00e9n 4294893170 volcado hexadecimal (primeros 32 bytes): 00 00 00 00 0b 00 00 00 00 00 00 00 00 00 00 00 ........... ..... 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ retroceso (crc 8836a742): [] kmalloc_trace+ 0x29d/0x340 [] acpi_processor_power_init+0xf3/0x1c0 [] __acpi_processor_start+0xd3/0xf0 [] acpi_processor_start+0x2c/0x50 [] realmente_probe+0xe2/0x480 [] __driver_probe_device+ 0x78/0x160 [] driver_probe_device+0x1f/0x90 [] __driver_attach+0xce/0x1c0 [] bus_for_each_dev+0x70/0xc0 [] bus_add_driver+0x112/0x210 [] driver_register+ 0x55/0x100 [] acpi_processor_driver_init+0x3b/0xc0 [] do_one_initcall+0x41/0x300 [] kernel_init_freeable+0x320/0x470 [] kernel_init+0x16/0x1b0 [] ret_from_fork+ 0x2d/0x50 Solucione este problema liberando el dispositivo de CPU inactivo despu\u00e9s de cancelar su registro."}], "id": "CVE-2024-26894", "lastModified": "2024-11-21T09:03:19.273", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.2, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-04-17T11:15:10.630", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/1cbaf4c793b0808532f4e7b40bc4be7cec2c78f2"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/3d48e5be107429ff5d824e7f2a00d1b610d36fbc"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/8d14a4d0afb49a5b8535d414c782bb334860e73e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c2a30c81bf3cb9033fa9f5305baf7c377075e2e5"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/cd5c2d0b09d5b6d3f0a7bbabe6761a4997e9dee9"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/d351bcadab6caa6d8ce7159ff4b77e2da35c09fa"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/e18afcb7b2a12b635ac10081f943fcf84ddacc51"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ea96bf3f80625cddba1391a87613356b1b45716d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/fad9bcd4d754cc689c19dc04d2c44b82c1a5d6c8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/1cbaf4c793b0808532f4e7b40bc4be7cec2c78f2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/3d48e5be107429ff5d824e7f2a00d1b610d36fbc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/8d14a4d0afb49a5b8535d414c782bb334860e73e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/c2a30c81bf3cb9033fa9f5305baf7c377075e2e5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/cd5c2d0b09d5b6d3f0a7bbabe6761a4997e9dee9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/d351bcadab6caa6d8ce7159ff4b77e2da35c09fa"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/e18afcb7b2a12b635ac10081f943fcf84ddacc51"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/ea96bf3f80625cddba1391a87613356b1b45716d"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/fad9bcd4d754cc689c19dc04d2c44b82c1a5d6c8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-770"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2024:7001", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-553.22.1.rt7.363.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-09-24T00:00:00Z"}, {"advisory": "RHSA-2024:7000", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-553.22.1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-09-24T00:00:00Z"}, {"advisory": "RHSA-2024:9315", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}, {"advisory": "RHSA-2024:9315", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}], "bugzilla": {"description": "kernel: ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit()", "id": "2275661", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275661"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H", "status": "verified"}, "cwe": "CWE-401", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nACPI: processor_idle: Fix memory leak in acpi_processor_power_exit()\nAfter unregistering the CPU idle device, the memory associated with\nit is not freed, leading to a memory leak:\nunreferenced object 0xffff896282f6c000 (size 1024):\ncomm \"swapper/0\", pid 1, jiffies 4294893170\nhex dump (first 32 bytes):\n00 00 00 00 0b 00 00 00 00 00 00 00 00 00 00 00 ................\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\nbacktrace (crc 8836a742):\n[<ffffffff993495ed>] kmalloc_trace+0x29d/0x340\n[<ffffffff9972f3b3>] acpi_processor_power_init+0xf3/0x1c0\n[<ffffffff9972d263>] __acpi_processor_start+0xd3/0xf0\n[<ffffffff9972d2bc>] acpi_processor_start+0x2c/0x50\n[<ffffffff99805872>] really_probe+0xe2/0x480\n[<ffffffff99805c98>] __driver_probe_device+0x78/0x160\n[<ffffffff99805daf>] driver_probe_device+0x1f/0x90\n[<ffffffff9980601e>] __driver_attach+0xce/0x1c0\n[<ffffffff99803170>] bus_for_each_dev+0x70/0xc0\n[<ffffffff99804822>] bus_add_driver+0x112/0x210\n[<ffffffff99807245>] driver_register+0x55/0x100\n[<ffffffff9aee4acb>] acpi_processor_driver_init+0x3b/0xc0\n[<ffffffff990012d1>] do_one_initcall+0x41/0x300\n[<ffffffff9ae7c4b0>] kernel_init_freeable+0x320/0x470\n[<ffffffff99b231f6>] kernel_init+0x16/0x1b0\n[<ffffffff99042e6d>] ret_from_fork+0x2d/0x50\nFix this by freeing the CPU idle device after unregistering it."], "name": "CVE-2024-26894", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-04-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-26894\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-26894\nhttps://lore.kernel.org/linux-cve-announce/2024041743-CVE-2024-26894-53ad@gregkh/T"], "threat_severity": "Low", "upstream_fix": "kernel 4.19.311, kernel 5.4.273, kernel 5.10.214, kernel 5.15.153, kernel 6.1.83, kernel 6.6.23, kernel 6.7.11, kernel 6.8.2, kernel 6.9-rc1"}