Impact
In the Linux kernel’s memory policy subsystem, the function weighted_interleave_auto_store() can leak memory on two separate code paths. When the user writes the string "false" while the current mode is already manual, the function exits early without freeing the freshly allocated new state. When the user writes "true", the old state is never fetched, it is overwritten instead, and the cleanup code never runs; this allows a loop of writes to repeatedly leak memory. The leak is confined to the kernel’s memory allocator and does not provide code execution, but sustained exploitation can grow the kernel’s memory usage and potentially trigger a crash or a denial‑of‑service condition.
Affected Systems
The flaw resides in a core kernel function that is identical across all major Linux distributions; the advisory does not specify a particular kernel version range, so any kernel version still containing the pre‑fix implementation of weighted_interleave_auto_store() is vulnerable. Administrators should verify the current kernel version and the presence of the unpatched code path, especially if using an older release or a custom kernel configuration.
Risk and Exploitability
The CVSS score of 5.5 indicates moderate severity, and the EPSS score is listed as <1%, meaning the likelihood of exploitation is very low but not zero. The vulnerability is not included in the CISA KEV catalog, suggesting no known active exploitation. Based on the description, the attack vector is local and requires write access to the memory‑policy interface, typically available only to privileged users. Although the exploit does not provide arbitrary code execution, repeatedly triggering the leak can drain kernel memory and lead to a crash, representing a moderate risk for systems where the interface is openly writable. Prompt patching is advisable to mitigate this potential denial‑of service risk.
OpenCVE Enrichment
Ubuntu USN