{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-52560", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-03-02T21:55:42.566Z", "datePublished": "2024-03-02T21:59:34.084Z", "dateUpdated": "2024-12-19T08:21:38.528Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T08:21:38.528Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/damon/vaddr-test: fix memory leak in damon_do_test_apply_three_regions()\n\nWhen CONFIG_DAMON_VADDR_KUNIT_TEST=y and making CONFIG_DEBUG_KMEMLEAK=y\nand CONFIG_DEBUG_KMEMLEAK_AUTO_SCAN=y, the below memory leak is detected.\n\nSince commit 9f86d624292c (\"mm/damon/vaddr-test: remove unnecessary\nvariables\"), the damon_destroy_ctx() is removed, but still call\ndamon_new_target() and damon_new_region(), the damon_region which is\nallocated by kmem_cache_alloc() in damon_new_region() and the damon_target\nwhich is allocated by kmalloc in damon_new_target() are not freed. And\nthe damon_region which is allocated in damon_new_region() in\ndamon_set_regions() is also not freed.\n\nSo use damon_destroy_target to free all the damon_regions and damon_target.\n\n unreferenced object 0xffff888107c9a940 (size 64):\n comm \"kunit_try_catch\", pid 1069, jiffies 4294670592 (age 732.761s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 06 00 00 00 6b 6b 6b 6b ............kkkk\n 60 c7 9c 07 81 88 ff ff f8 cb 9c 07 81 88 ff ff `...............\n backtrace:\n [<ffffffff817e0167>] kmalloc_trace+0x27/0xa0\n [<ffffffff819c11cf>] damon_new_target+0x3f/0x1b0\n [<ffffffff819c7d55>] damon_do_test_apply_three_regions.constprop.0+0x95/0x3e0\n [<ffffffff819c82be>] damon_test_apply_three_regions1+0x21e/0x260\n [<ffffffff829fce6a>] kunit_generic_run_threadfn_adapter+0x4a/0x90\n [<ffffffff81237cf6>] kthread+0x2b6/0x380\n [<ffffffff81097add>] ret_from_fork+0x2d/0x70\n [<ffffffff81003791>] ret_from_fork_asm+0x11/0x20\n unreferenced object 0xffff8881079cc740 (size 56):\n comm \"kunit_try_catch\", pid 1069, jiffies 4294670592 (age 732.761s)\n hex dump (first 32 bytes):\n 05 00 00 00 00 00 00 00 14 00 00 00 00 00 00 00 ................\n 6b 6b 6b 6b 6b 6b 6b 6b 00 00 00 00 6b 6b 6b 6b kkkkkkkk....kkkk\n backtrace:\n [<ffffffff819bc492>] damon_new_region+0x22/0x1c0\n [<ffffffff819c7d91>] damon_do_test_apply_three_regions.constprop.0+0xd1/0x3e0\n [<ffffffff819c82be>] damon_test_apply_three_regions1+0x21e/0x260\n [<ffffffff829fce6a>] kunit_generic_run_threadfn_adapter+0x4a/0x90\n [<ffffffff81237cf6>] kthread+0x2b6/0x380\n [<ffffffff81097add>] ret_from_fork+0x2d/0x70\n [<ffffffff81003791>] ret_from_fork_asm+0x11/0x20\n unreferenced object 0xffff888107c9ac40 (size 64):\n comm \"kunit_try_catch\", pid 1071, jiffies 4294670595 (age 732.843s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 06 00 00 00 6b 6b 6b 6b ............kkkk\n a0 cc 9c 07 81 88 ff ff 78 a1 76 07 81 88 ff ff ........x.v.....\n backtrace:\n [<ffffffff817e0167>] kmalloc_trace+0x27/0xa0\n [<ffffffff819c11cf>] damon_new_target+0x3f/0x1b0\n [<ffffffff819c7d55>] damon_do_test_apply_three_regions.constprop.0+0x95/0x3e0\n [<ffffffff819c851e>] damon_test_apply_three_regions2+0x21e/0x260\n [<ffffffff829fce6a>] kunit_generic_run_threadfn_adapter+0x4a/0x90\n [<ffffffff81237cf6>] kthread+0x2b6/0x380\n [<ffffffff81097add>] ret_from_fork+0x2d/0x70\n [<ffffffff81003791>] ret_from_fork_asm+0x11/0x20\n unreferenced object 0xffff8881079ccc80 (size 56):\n comm \"kunit_try_catch\", pid 1071, jiffies 4294670595 (age 732.843s)\n hex dump (first 32 bytes):\n 05 00 00 00 00 00 00 00 14 00 00 00 00 00 00 00 ................\n 6b 6b 6b 6b 6b 6b 6b 6b 00 00 00 00 6b 6b 6b 6b kkkkkkkk....kkkk\n backtrace:\n [<ffffffff819bc492>] damon_new_region+0x22/0x1c0\n [<ffffffff819c7d91>] damon_do_test_apply_three_regions.constprop.0+0xd1/0x3e0\n [<ffffffff819c851e>] damon_test_apply_three_regions2+0x21e/0x260\n [<ffffffff829fce6a>] kunit_generic_run_threadfn_adapter+0x4a/0x90\n [<ffffffff81237cf6>] kthread+0x2b6/0x380\n [<ffffffff81097add>] ret_from_fork+0x2d/0x70\n [<ffff\n---truncated---"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["mm/damon/vaddr-test.h"], "versions": [{"version": "9f86d624292c238203b3687cdb870a2cde1a6f9b", "lessThan": "9a4fe81a8644b717d57d81ce5849e16583b13fe8", "status": "affected", "versionType": "git"}, {"version": "9f86d624292c238203b3687cdb870a2cde1a6f9b", "lessThan": "6b522001693aa113d97a985abc5f6932972e8e86", "status": "affected", "versionType": "git"}, {"version": "9f86d624292c238203b3687cdb870a2cde1a6f9b", "lessThan": "45120b15743fa7c0aa53d5db6dfb4c8f87be4abd", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["mm/damon/vaddr-test.h"], "versions": [{"version": "5.16", "status": "affected"}, {"version": "0", "lessThan": "5.16", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.56", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.5.6", "lessThanOrEqual": "6.5.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/9a4fe81a8644b717d57d81ce5849e16583b13fe8"}, {"url": "https://git.kernel.org/stable/c/6b522001693aa113d97a985abc5f6932972e8e86"}, {"url": "https://git.kernel.org/stable/c/45120b15743fa7c0aa53d5db6dfb4c8f87be4abd"}], "title": "mm/damon/vaddr-test: fix memory leak in damon_do_test_apply_three_regions()", "x_generator": {"engine": "bippy-5f407fcff5a0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52560", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-04T15:35:56.845645Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:24:06.685Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:03:20.913Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/9a4fe81a8644b717d57d81ce5849e16583b13fe8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6b522001693aa113d97a985abc5f6932972e8e86", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/45120b15743fa7c0aa53d5db6dfb4c8f87be4abd", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/9a4fe81a8644b717d57d81ce5849e16583b13fe8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6b522001693aa113d97a985abc5f6932972e8e86", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/45120b15743fa7c0aa53d5db6dfb4c8f87be4abd", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:03:20.913Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52560", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-04T15:35:56.845645Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:14.706Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "mm/damon/vaddr-test: fix memory leak in damon_do_test_apply_three_regions()", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "9f86d624292c238203b3687cdb870a2cde1a6f9b", "lessThan": "9a4fe81a8644b717d57d81ce5849e16583b13fe8", "versionType": "git"}, {"status": "affected", "version": "9f86d624292c238203b3687cdb870a2cde1a6f9b", "lessThan": "6b522001693aa113d97a985abc5f6932972e8e86", "versionType": "git"}, {"status": "affected", "version": "9f86d624292c238203b3687cdb870a2cde1a6f9b", "lessThan": "45120b15743fa7c0aa53d5db6dfb4c8f87be4abd", "versionType": "git"}], "programFiles": ["mm/damon/vaddr-test.h"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.16"}, {"status": "unaffected", "version": "0", "lessThan": "5.16", "versionType": "semver"}, {"status": "unaffected", "version": "6.1.56", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.5.6", "versionType": "semver", "lessThanOrEqual": "6.5.*"}, {"status": "unaffected", "version": "6.6", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["mm/damon/vaddr-test.h"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/9a4fe81a8644b717d57d81ce5849e16583b13fe8"}, {"url": "https://git.kernel.org/stable/c/6b522001693aa113d97a985abc5f6932972e8e86"}, {"url": "https://git.kernel.org/stable/c/45120b15743fa7c0aa53d5db6dfb4c8f87be4abd"}], "x_generator": {"engine": "bippy-5f407fcff5a0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/damon/vaddr-test: fix memory leak in damon_do_test_apply_three_regions()\n\nWhen CONFIG_DAMON_VADDR_KUNIT_TEST=y and making CONFIG_DEBUG_KMEMLEAK=y\nand CONFIG_DEBUG_KMEMLEAK_AUTO_SCAN=y, the below memory leak is detected.\n\nSince commit 9f86d624292c (\"mm/damon/vaddr-test: remove unnecessary\nvariables\"), the damon_destroy_ctx() is removed, but still call\ndamon_new_target() and damon_new_region(), the damon_region which is\nallocated by kmem_cache_alloc() in damon_new_region() and the damon_target\nwhich is allocated by kmalloc in damon_new_target() are not freed. And\nthe damon_region which is allocated in damon_new_region() in\ndamon_set_regions() is also not freed.\n\nSo use damon_destroy_target to free all the damon_regions and damon_target.\n\n unreferenced object 0xffff888107c9a940 (size 64):\n comm \"kunit_try_catch\", pid 1069, jiffies 4294670592 (age 732.761s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 06 00 00 00 6b 6b 6b 6b ............kkkk\n 60 c7 9c 07 81 88 ff ff f8 cb 9c 07 81 88 ff ff `...............\n backtrace:\n [<ffffffff817e0167>] kmalloc_trace+0x27/0xa0\n [<ffffffff819c11cf>] damon_new_target+0x3f/0x1b0\n [<ffffffff819c7d55>] damon_do_test_apply_three_regions.constprop.0+0x95/0x3e0\n [<ffffffff819c82be>] damon_test_apply_three_regions1+0x21e/0x260\n [<ffffffff829fce6a>] kunit_generic_run_threadfn_adapter+0x4a/0x90\n [<ffffffff81237cf6>] kthread+0x2b6/0x380\n [<ffffffff81097add>] ret_from_fork+0x2d/0x70\n [<ffffffff81003791>] ret_from_fork_asm+0x11/0x20\n unreferenced object 0xffff8881079cc740 (size 56):\n comm \"kunit_try_catch\", pid 1069, jiffies 4294670592 (age 732.761s)\n hex dump (first 32 bytes):\n 05 00 00 00 00 00 00 00 14 00 00 00 00 00 00 00 ................\n 6b 6b 6b 6b 6b 6b 6b 6b 00 00 00 00 6b 6b 6b 6b kkkkkkkk....kkkk\n backtrace:\n [<ffffffff819bc492>] damon_new_region+0x22/0x1c0\n [<ffffffff819c7d91>] damon_do_test_apply_three_regions.constprop.0+0xd1/0x3e0\n [<ffffffff819c82be>] damon_test_apply_three_regions1+0x21e/0x260\n [<ffffffff829fce6a>] kunit_generic_run_threadfn_adapter+0x4a/0x90\n [<ffffffff81237cf6>] kthread+0x2b6/0x380\n [<ffffffff81097add>] ret_from_fork+0x2d/0x70\n [<ffffffff81003791>] ret_from_fork_asm+0x11/0x20\n unreferenced object 0xffff888107c9ac40 (size 64):\n comm \"kunit_try_catch\", pid 1071, jiffies 4294670595 (age 732.843s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 06 00 00 00 6b 6b 6b 6b ............kkkk\n a0 cc 9c 07 81 88 ff ff 78 a1 76 07 81 88 ff ff ........x.v.....\n backtrace:\n [<ffffffff817e0167>] kmalloc_trace+0x27/0xa0\n [<ffffffff819c11cf>] damon_new_target+0x3f/0x1b0\n [<ffffffff819c7d55>] damon_do_test_apply_three_regions.constprop.0+0x95/0x3e0\n [<ffffffff819c851e>] damon_test_apply_three_regions2+0x21e/0x260\n [<ffffffff829fce6a>] kunit_generic_run_threadfn_adapter+0x4a/0x90\n [<ffffffff81237cf6>] kthread+0x2b6/0x380\n [<ffffffff81097add>] ret_from_fork+0x2d/0x70\n [<ffffffff81003791>] ret_from_fork_asm+0x11/0x20\n unreferenced object 0xffff8881079ccc80 (size 56):\n comm \"kunit_try_catch\", pid 1071, jiffies 4294670595 (age 732.843s)\n hex dump (first 32 bytes):\n 05 00 00 00 00 00 00 00 14 00 00 00 00 00 00 00 ................\n 6b 6b 6b 6b 6b 6b 6b 6b 00 00 00 00 6b 6b 6b 6b kkkkkkkk....kkkk\n backtrace:\n [<ffffffff819bc492>] damon_new_region+0x22/0x1c0\n [<ffffffff819c7d91>] damon_do_test_apply_three_regions.constprop.0+0xd1/0x3e0\n [<ffffffff819c851e>] damon_test_apply_three_regions2+0x21e/0x260\n [<ffffffff829fce6a>] kunit_generic_run_threadfn_adapter+0x4a/0x90\n [<ffffffff81237cf6>] kthread+0x2b6/0x380\n [<ffffffff81097add>] ret_from_fork+0x2d/0x70\n [<ffff\n---truncated---"}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T08:21:38.528Z"}}}, "cveMetadata": {"cveId": "CVE-2023-52560", "state": "PUBLISHED", "dateUpdated": "2024-12-19T08:21:38.528Z", "dateReserved": "2024-03-02T21:55:42.566Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-03-02T21:59:34.084Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "5EA89569-DD45-4A69-BB4D-8356FA9386BD", "versionEndExcluding": "6.1.56", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "870FC772-173A-4A0F-B1AF-7976AD6057D3", "versionEndExcluding": "6.5.6", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc1:*:*:*:*:*:*", "matchCriteriaId": "84267A4F-DBC2-444F-B41D-69E15E1BEC97", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc2:*:*:*:*:*:*", "matchCriteriaId": "FB440208-241C-4246-9A83-C1715C0DAA6C", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc3:*:*:*:*:*:*", "matchCriteriaId": "0DC421F1-3D5A-4BEF-BF76-4E468985D20B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/damon/vaddr-test: fix memory leak in damon_do_test_apply_three_regions()\n\nWhen CONFIG_DAMON_VADDR_KUNIT_TEST=y and making CONFIG_DEBUG_KMEMLEAK=y\nand CONFIG_DEBUG_KMEMLEAK_AUTO_SCAN=y, the below memory leak is detected.\n\nSince commit 9f86d624292c (\"mm/damon/vaddr-test: remove unnecessary\nvariables\"), the damon_destroy_ctx() is removed, but still call\ndamon_new_target() and damon_new_region(), the damon_region which is\nallocated by kmem_cache_alloc() in damon_new_region() and the damon_target\nwhich is allocated by kmalloc in damon_new_target() are not freed. And\nthe damon_region which is allocated in damon_new_region() in\ndamon_set_regions() is also not freed.\n\nSo use damon_destroy_target to free all the damon_regions and damon_target.\n\n unreferenced object 0xffff888107c9a940 (size 64):\n comm \"kunit_try_catch\", pid 1069, jiffies 4294670592 (age 732.761s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 06 00 00 00 6b 6b 6b 6b ............kkkk\n 60 c7 9c 07 81 88 ff ff f8 cb 9c 07 81 88 ff ff `...............\n backtrace:\n [<ffffffff817e0167>] kmalloc_trace+0x27/0xa0\n [<ffffffff819c11cf>] damon_new_target+0x3f/0x1b0\n [<ffffffff819c7d55>] damon_do_test_apply_three_regions.constprop.0+0x95/0x3e0\n [<ffffffff819c82be>] damon_test_apply_three_regions1+0x21e/0x260\n [<ffffffff829fce6a>] kunit_generic_run_threadfn_adapter+0x4a/0x90\n [<ffffffff81237cf6>] kthread+0x2b6/0x380\n [<ffffffff81097add>] ret_from_fork+0x2d/0x70\n [<ffffffff81003791>] ret_from_fork_asm+0x11/0x20\n unreferenced object 0xffff8881079cc740 (size 56):\n comm \"kunit_try_catch\", pid 1069, jiffies 4294670592 (age 732.761s)\n hex dump (first 32 bytes):\n 05 00 00 00 00 00 00 00 14 00 00 00 00 00 00 00 ................\n 6b 6b 6b 6b 6b 6b 6b 6b 00 00 00 00 6b 6b 6b 6b kkkkkkkk....kkkk\n backtrace:\n [<ffffffff819bc492>] damon_new_region+0x22/0x1c0\n [<ffffffff819c7d91>] damon_do_test_apply_three_regions.constprop.0+0xd1/0x3e0\n [<ffffffff819c82be>] damon_test_apply_three_regions1+0x21e/0x260\n [<ffffffff829fce6a>] kunit_generic_run_threadfn_adapter+0x4a/0x90\n [<ffffffff81237cf6>] kthread+0x2b6/0x380\n [<ffffffff81097add>] ret_from_fork+0x2d/0x70\n [<ffffffff81003791>] ret_from_fork_asm+0x11/0x20\n unreferenced object 0xffff888107c9ac40 (size 64):\n comm \"kunit_try_catch\", pid 1071, jiffies 4294670595 (age 732.843s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 06 00 00 00 6b 6b 6b 6b ............kkkk\n a0 cc 9c 07 81 88 ff ff 78 a1 76 07 81 88 ff ff ........x.v.....\n backtrace:\n [<ffffffff817e0167>] kmalloc_trace+0x27/0xa0\n [<ffffffff819c11cf>] damon_new_target+0x3f/0x1b0\n [<ffffffff819c7d55>] damon_do_test_apply_three_regions.constprop.0+0x95/0x3e0\n [<ffffffff819c851e>] damon_test_apply_three_regions2+0x21e/0x260\n [<ffffffff829fce6a>] kunit_generic_run_threadfn_adapter+0x4a/0x90\n [<ffffffff81237cf6>] kthread+0x2b6/0x380\n [<ffffffff81097add>] ret_from_fork+0x2d/0x70\n [<ffffffff81003791>] ret_from_fork_asm+0x11/0x20\n unreferenced object 0xffff8881079ccc80 (size 56):\n comm \"kunit_try_catch\", pid 1071, jiffies 4294670595 (age 732.843s)\n hex dump (first 32 bytes):\n 05 00 00 00 00 00 00 00 14 00 00 00 00 00 00 00 ................\n 6b 6b 6b 6b 6b 6b 6b 6b 00 00 00 00 6b 6b 6b 6b kkkkkkkk....kkkk\n backtrace:\n [<ffffffff819bc492>] damon_new_region+0x22/0x1c0\n [<ffffffff819c7d91>] damon_do_test_apply_three_regions.constprop.0+0xd1/0x3e0\n [<ffffffff819c851e>] damon_test_apply_three_regions2+0x21e/0x260\n [<ffffffff829fce6a>] kunit_generic_run_threadfn_adapter+0x4a/0x90\n [<ffffffff81237cf6>] kthread+0x2b6/0x380\n [<ffffffff81097add>] ret_from_fork+0x2d/0x70\n [<ffff\n---truncated---"}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: mm/damon/vaddr-test: corrige la p\u00e9rdida de memoria en damon_do_test_apply_tres_regions() Cuando CONFIG_DAMON_VADDR_KUNIT_TEST=y y se hace CONFIG_DEBUG_KMEMLEAK=y y CONFIG_DEBUG_KMEMLEAK_AUTO_SCAN=y, se detecta la siguiente p\u00e9rdida de memoria. Desde el commit 9f86d624292c (\"mm/damon/vaddr-test: eliminar variables innecesarias\"), damon_destroy_ctx() se elimina, pero a\u00fan se llama a damon_new_target() y damon_new_region(), la damon_region asignada por kmem_cache_alloc() en damon_new_region() y el damon_target asignado por kmalloc en damon_new_target() no se libera. Y el damon_region que est\u00e1 asignado en damon_new_region() en damon_set_regions() tampoco se libera. Entonces use damon_destroy_target para liberar todos los damon_regions y damon_target. objeto sin referencia 0xffff888107c9a940 (tama\u00f1o 64): comm \"kunit_try_catch\", pid 1069, jiffies 4294670592 (edad 732,761 s) volcado hexadecimal (primeros 32 bytes): 00 00 00 00 00 00 00 00 06 00 00 00 6b 6b 6b 6b... .........kkkk 60 c7 9c 07 81 88 ff ff f8 cb 9c 07 81 88 ff ff `................. backtrace: [] kmalloc_trace +0x27/0xa0 [] damon_new_target+0x3f/0x1b0 [] damon_do_test_apply_tres_regiones.constprop.0+0x95/0x3e0 [] damon_test_apply_tres_regiones1+0x21e/ 0x260 [] kunit_generic_run_threadfn_adapter+0x4a/0x90 [&lt; ffffffff81237cf6&gt;] kthread+0x2b6/0x380 [] ret_from_fork+0x2d/0x70 [] ret_from_fork_asm+0x11/0x20 objeto sin referencia 0xffff8881079cc740 (tama\u00f1o 56): comm \"kunit_try_catch\", pid 1069, santiam\u00e9n 4294670592 (edad 732,761 s ) volcado hexadecimal (primeros 32 bytes): 05 00 00 00 00 00 00 00 14 00 00 00 00 00 00 00 ................ 6b 6b 6b 6b 6b 6b 6b 6b 00 00 00 00 6b 6b 6b 6b kkkkkkkk....kkkk retroceso: [] damon_new_region+0x22/0x1c0 [] damon_do_test_apply_tres_regiones.constprop.0+0xd1/0x3e0 [] damon_test_apply_tres_regiones1+0x21e/0x260 [ ] kunit_generic_run_threadfn_adapter+0x4a/0x90 [] kthread+0x2b6/0x380 [] ret_from_fork+0x2d/0x70 [] ret_from_ fork_asm+0x11/0x20 objeto sin referencia 0xffff888107c9ac40 (tama\u00f1o 64): comm \"kunit_try_catch \", pid 1071, santiam\u00e9n 4294670595 (edad 732,843 s) volcado hexadecimal (primeros 32 bytes): 00 00 00 00 00 00 00 00 06 00 00 00 6b 6b 6b 6b ............kkkk a0 cc 9c 07 81 88 ff ff 78 a1 76 07 81 88 ff ff ........xv.... rastreo: [] kmalloc_trace+0x27/0xa0 [] damon_new_target+0x3f/0x1b0 [] damon_do_test_apply_tres_regiones.constprop.0+0x95/0x3e0 [] damon_test_apply_tres_regiones2+0x21e/0x260 [] kunit_generic_run_threadfn_adapter+0x4 a/0x90 [] kthread+0x2b6/0x380 [] ret_from_fork +0x2d/0x70 [] ret_from_fork_asm+0x11/0x20 objeto sin referencia 0xffff8881079ccc80 (tama\u00f1o 56): comm \"kunit_try_catch\", pid 1071, jiffies 4294670595 (edad 732.843 s) volcado hexadecimal (primero 32 bytes): 05 00 00 00 00 00 00 00 14 00 00 00 00 00 00 00 ................ 6b 6b 6b 6b 6b 6b 6b 6b 00 00 00 00 6b 6b 6b 6b kkkkkkkk....kkkk retroceso : [] damon_new_region+0x22/0x1c0 [] damon_do_test_apply_tres_regiones.constprop.0+0xd1/0x3e0 [] damon_test_apply_tres_regiones2+0x21e/0x260 [] kunit_generic_run_threadfn_adapter+0x4a/0x90 [] kthread+0x2b6/0x380 [] ret_from_fork+0x2d/0x70 ["}], "id": "CVE-2023-52560", "lastModified": "2024-12-11T15:24:15.463", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "[email protected]", "type": "Primary"}]}, "published": "2024-03-02T22:15:48.750", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/45120b15743fa7c0aa53d5db6dfb4c8f87be4abd"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6b522001693aa113d97a985abc5f6932972e8e86"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9a4fe81a8644b717d57d81ce5849e16583b13fe8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/45120b15743fa7c0aa53d5db6dfb4c8f87be4abd"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6b522001693aa113d97a985abc5f6932972e8e86"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9a4fe81a8644b717d57d81ce5849e16583b13fe8"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "[email protected]", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2024:4352", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-553.8.1.rt7.349.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-07-08T00:00:00Z"}, {"advisory": "RHSA-2024:4211", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-553.8.1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-07-02T00:00:00Z"}, {"advisory": "RHSA-2024:9315", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}, {"advisory": "RHSA-2024:9315", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}], "bugzilla": {"description": "kernel: mm/damon/vaddr-test: memory leak in damon_do_test_apply_three_regions()", "id": "2267730", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267730"}, "csaw": false, "cvss3": {"cvss3_base_score": "3.3", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "status": "verified"}, "cwe": "CWE-401", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nmm/damon/vaddr-test: fix memory leak in damon_do_test_apply_three_regions()\nWhen CONFIG_DAMON_VADDR_KUNIT_TEST=y and making CONFIG_DEBUG_KMEMLEAK=y\nand CONFIG_DEBUG_KMEMLEAK_AUTO_SCAN=y, the below memory leak is detected.\nSince commit 9f86d624292c (\"mm/damon/vaddr-test: remove unnecessary\nvariables\"), the damon_destroy_ctx() is removed, but still call\ndamon_new_target() and damon_new_region(), the damon_region which is\nallocated by kmem_cache_alloc() in damon_new_region() and the damon_target\nwhich is allocated by kmalloc in damon_new_target() are not freed. And\nthe damon_region which is allocated in damon_new_region() in\ndamon_set_regions() is also not freed.\nSo use damon_destroy_target to free all the damon_regions and damon_target.\nunreferenced object 0xffff888107c9a940 (size 64):\ncomm \"kunit_try_catch\", pid 1069, jiffies 4294670592 (age 732.761s)\nhex dump (first 32 bytes):\n00 00 00 00 00 00 00 00 06 00 00 00 6b 6b 6b 6b ............kkkk\n60 c7 9c 07 81 88 ff ff f8 cb 9c 07 81 88 ff ff `...............\nbacktrace:\n[<ffffffff817e0167>] kmalloc_trace+0x27/0xa0\n[<ffffffff819c11cf>] damon_new_target+0x3f/0x1b0\n[<ffffffff819c7d55>] damon_do_test_apply_three_regions.constprop.0+0x95/0x3e0\n[<ffffffff819c82be>] damon_test_apply_three_regions1+0x21e/0x260\n[<ffffffff829fce6a>] kunit_generic_run_threadfn_adapter+0x4a/0x90\n[<ffffffff81237cf6>] kthread+0x2b6/0x380\n[<ffffffff81097add>] ret_from_fork+0x2d/0x70\n[<ffffffff81003791>] ret_from_fork_asm+0x11/0x20\nunreferenced object 0xffff8881079cc740 (size 56):\ncomm \"kunit_try_catch\", pid 1069, jiffies 4294670592 (age 732.761s)\nhex dump (first 32 bytes):\n05 00 00 00 00 00 00 00 14 00 00 00 00 00 00 00 ................\n6b 6b 6b 6b 6b 6b 6b 6b 00 00 00 00 6b 6b 6b 6b kkkkkkkk....kkkk\nbacktrace:\n[<ffffffff819bc492>] damon_new_region+0x22/0x1c0\n[<ffffffff819c7d91>] damon_do_test_apply_three_regions.constprop.0+0xd1/0x3e0\n[<ffffffff819c82be>] damon_test_apply_three_regions1+0x21e/0x260\n[<ffffffff829fce6a>] kunit_generic_run_threadfn_adapter+0x4a/0x90\n[<ffffffff81237cf6>] kthread+0x2b6/0x380\n[<ffffffff81097add>] ret_from_fork+0x2d/0x70\n[<ffffffff81003791>] ret_from_fork_asm+0x11/0x20\nunreferenced object 0xffff888107c9ac40 (size 64):\ncomm \"kunit_try_catch\", pid 1071, jiffies 4294670595 (age 732.843s)\nhex dump (first 32 bytes):\n00 00 00 00 00 00 00 00 06 00 00 00 6b 6b 6b 6b ............kkkk\na0 cc 9c 07 81 88 ff ff 78 a1 76 07 81 88 ff ff ........x.v.....\nbacktrace:\n[<ffffffff817e0167>] kmalloc_trace+0x27/0xa0\n[<ffffffff819c11cf>] damon_new_target+0x3f/0x1b0\n[<ffffffff819c7d55>] damon_do_test_apply_three_regions.constprop.0+0x95/0x3e0\n[<ffffffff819c851e>] damon_test_apply_three_regions2+0x21e/0x260\n[<ffffffff829fce6a>] kunit_generic_run_threadfn_adapter+0x4a/0x90\n[<ffffffff81237cf6>] kthread+0x2b6/0x380\n[<ffffffff81097add>] ret_from_fork+0x2d/0x70\n[<ffffffff81003791>] ret_from_fork_asm+0x11/0x20\nunreferenced object 0xffff8881079ccc80 (size 56):\ncomm \"kunit_try_catch\", pid 1071, jiffies 4294670595 (age 732.843s)\nhex dump (first 32 bytes):\n05 00 00 00 00 00 00 00 14 00 00 00 00 00 00 00 ................\n6b 6b 6b 6b 6b 6b 6b 6b 00 00 00 00 6b 6b 6b 6b kkkkkkkk....kkkk\nbacktrace:\n[<ffffffff819bc492>] damon_new_region+0x22/0x1c0\n[<ffffffff819c7d91>] damon_do_test_apply_three_regions.constprop.0+0xd1/0x3e0\n[<ffffffff819c851e>] damon_test_apply_three_regions2+0x21e/0x260\n[<ffffffff829fce6a>] kunit_generic_run_threadfn_adapter+0x4a/0x90\n[<ffffffff81237cf6>] kthread+0x2b6/0x380\n[<ffffffff81097add>] ret_from_fork+0x2d/0x70\n[<ffff\n---truncated---", "A potential memory leak flaw was found in damon_do_test_apply_three_regions() in the Linux kernel. This issue may lead to minor memory issues, resulting in compromised availability."], "name": "CVE-2023-52560", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-03-02T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-52560\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-52560\nhttps://lore.kernel.org/linux-cve-announce/2024030252-CVE-2023-52560-c3de@gregkh/T/#u"], "threat_severity": "Low", "upstream_fix": "kernel 6.1.56, kernel 6.5.6, kernel 6.6"}