CVE-2024-26900 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: md: fix kmemleak of rdev->serial If kobject_add() is fail in bind_rdev_to_array(), 'rdev->serial' will be alloc not be freed, and kmemleak occurs. unreferenced object 0xffff88815a350000 (size 49152): comm "mdadm", pid 789, jiffies 4294716910 hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace (crc f773277a): [<0000000058b0a453>] kmemleak_alloc+0x61/0xe0 [<00000000366adf14>] __kmalloc_large_node+0x15e/0x270 [<000000002e82961b>] __kmalloc_node.cold+0x11/0x7f [<00000000f206d60a>] kvmalloc_node+0x74/0x150 [<0000000034bf3363>] rdev_init_serial+0x67/0x170 [<0000000010e08fe9>] mddev_create_serial_pool+0x62/0x220 [<00000000c3837bf0>] bind_rdev_to_array+0x2af/0x630 [<0000000073c28560>] md_add_new_disk+0x400/0x9f0 [<00000000770e30ff>] md_ioctl+0x15bf/0x1c10 [<000000006cfab718>] blkdev_ioctl+0x191/0x3f0 [<0000000085086a11>] vfs_ioctl+0x22/0x60 [<0000000018b656fe>] __x64_sys_ioctl+0xba/0xe0 [<00000000e54e675e>] do_syscall_64+0x71/0x150 [<000000008b0ad622>] entry_SYSCALL_64_after_hwframe+0x6c/0x74

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Linux	Linux Kernel
Redhat	Enterprise Linux

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 9
kernel-0:5.14.0-503.11.1.el9_5	cpe:/a:redhat:enterprise_linux:9	RHSA-2024:9315	2024-11-12T00:00:00Z
kernel-0:5.14.0-503.11.1.el9_5	cpe:/o:redhat:enterprise_linux:9	RHSA-2024:9315	2024-11-12T00:00:00Z

References

Link	Providers
https://git.kernel.org/stable/c/4c1021ce46fc2fb6115f7e79d353941e6dcad366
https://git.kernel.org/stable/c/6cf350658736681b9d6b0b6e58c5c76b235bb4c4
https://git.kernel.org/stable/c/6d32c832a88513f65c2c2c9c75954ee8b387adea
https://git.kernel.org/stable/c/9fd0198f7ef06ae0d6636fb0578560857dead995
https://git.kernel.org/stable/c/beaf11969fd5cbe6f09cefaa34df1ce8578e8dd9
https://git.kernel.org/stable/c/f3a1787dc48213f6caea5ba7d47e0222e7fa34a9
https://git.kernel.org/stable/c/fb5b347efd1bda989846ffc74679d181222fb123
https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html
https://lore.kernel.org/linux-cve-announce/2024041745-CVE-2024-26900-70a3@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-26900
https://security.netapp.com/advisory/ntap-20240912-0011/
https://www.cve.org/CVERecord?id=CVE-2024-26900

History

Fri, 22 Nov 2024 12:00:00 +0000

Type	Values Removed	Values Added
References		https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html https://security.netapp.com/advisory/ntap-20240912-0011/

Wed, 13 Nov 2024 02:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat Redhat enterprise Linux
CPEs		cpe:/a:redhat:enterprise_linux:9 cpe:/o:redhat:enterprise_linux:9
Vendors & Products		Redhat Redhat enterprise Linux

Tue, 05 Nov 2024 10:45:00 +0000

Type	Values Removed	Values Added
References	https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html

Tue, 05 Nov 2024 10:15:00 +0000

Type	Values Removed	Values Added
References	https://security.netapp.com/advisory/ntap-20240912-0011/
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Fri, 13 Sep 2024 08:30:00 +0000

Type	Values Removed	Values Added
References		https://security.netapp.com/advisory/ntap-20240912-0011/

Thu, 12 Sep 2024 20:30:00 +0000

Type	Values Removed	Values Added
Metrics	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 11 Sep 2024 13:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-04-17T10:27:49.707Z

Updated: 2025-05-04T08:59:13.975Z

Reserved: 2024-02-19T14:20:24.187Z

Link: CVE-2024-26900

Vulnrichment

Updated: 2024-09-12T16:02:57.919Z

NVD

Status : Modified

Published: 2024-04-17T11:15:10.917

Modified: 2024-11-21T09:03:20.300

Link: CVE-2024-26900

Redhat

Severity : Low

Publid Date: 2024-04-17T00:00:00Z

Links: CVE-2024-26900 - Bugzilla

{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-26900", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-19T14:20:24.187Z", "datePublished": "2024-04-17T10:27:49.707Z", "dateUpdated": "2025-05-04T08:59:13.975Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T08:59:13.975Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: fix kmemleak of rdev->serial\n\nIf kobject_add() is fail in bind_rdev_to_array(), 'rdev->serial' will be\nalloc not be freed, and kmemleak occurs.\n\nunreferenced object 0xffff88815a350000 (size 49152):\n comm \"mdadm\", pid 789, jiffies 4294716910\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc f773277a):\n [<0000000058b0a453>] kmemleak_alloc+0x61/0xe0\n [<00000000366adf14>] __kmalloc_large_node+0x15e/0x270\n [<000000002e82961b>] __kmalloc_node.cold+0x11/0x7f\n [<00000000f206d60a>] kvmalloc_node+0x74/0x150\n [<0000000034bf3363>] rdev_init_serial+0x67/0x170\n [<0000000010e08fe9>] mddev_create_serial_pool+0x62/0x220\n [<00000000c3837bf0>] bind_rdev_to_array+0x2af/0x630\n [<0000000073c28560>] md_add_new_disk+0x400/0x9f0\n [<00000000770e30ff>] md_ioctl+0x15bf/0x1c10\n [<000000006cfab718>] blkdev_ioctl+0x191/0x3f0\n [<0000000085086a11>] vfs_ioctl+0x22/0x60\n [<0000000018b656fe>] __x64_sys_ioctl+0xba/0xe0\n [<00000000e54e675e>] do_syscall_64+0x71/0x150\n [<000000008b0ad622>] entry_SYSCALL_64_after_hwframe+0x6c/0x74"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/md/md.c"], "versions": [{"version": "963c555e75b033202dd76cf6325a7b7c83d08d5f", "lessThan": "fb5b347efd1bda989846ffc74679d181222fb123", "status": "affected", "versionType": "git"}, {"version": "963c555e75b033202dd76cf6325a7b7c83d08d5f", "lessThan": "f3a1787dc48213f6caea5ba7d47e0222e7fa34a9", "status": "affected", "versionType": "git"}, {"version": "963c555e75b033202dd76cf6325a7b7c83d08d5f", "lessThan": "beaf11969fd5cbe6f09cefaa34df1ce8578e8dd9", "status": "affected", "versionType": "git"}, {"version": "963c555e75b033202dd76cf6325a7b7c83d08d5f", "lessThan": "9fd0198f7ef06ae0d6636fb0578560857dead995", "status": "affected", "versionType": "git"}, {"version": "963c555e75b033202dd76cf6325a7b7c83d08d5f", "lessThan": "6d32c832a88513f65c2c2c9c75954ee8b387adea", "status": "affected", "versionType": "git"}, {"version": "963c555e75b033202dd76cf6325a7b7c83d08d5f", "lessThan": "4c1021ce46fc2fb6115f7e79d353941e6dcad366", "status": "affected", "versionType": "git"}, {"version": "963c555e75b033202dd76cf6325a7b7c83d08d5f", "lessThan": "6cf350658736681b9d6b0b6e58c5c76b235bb4c4", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/md/md.c"], "versions": [{"version": "5.3", "status": "affected"}, {"version": "0", "lessThan": "5.3", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.217", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.159", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.91", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.31", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7.11", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8.2", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.3", "versionEndExcluding": "5.10.217"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.3", "versionEndExcluding": "5.15.159"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.3", "versionEndExcluding": "6.1.91"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.3", "versionEndExcluding": "6.6.31"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.3", "versionEndExcluding": "6.7.11"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.3", "versionEndExcluding": "6.8.2"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.3", "versionEndExcluding": "6.9"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/fb5b347efd1bda989846ffc74679d181222fb123"}, {"url": "https://git.kernel.org/stable/c/f3a1787dc48213f6caea5ba7d47e0222e7fa34a9"}, {"url": "https://git.kernel.org/stable/c/beaf11969fd5cbe6f09cefaa34df1ce8578e8dd9"}, {"url": "https://git.kernel.org/stable/c/9fd0198f7ef06ae0d6636fb0578560857dead995"}, {"url": "https://git.kernel.org/stable/c/6d32c832a88513f65c2c2c9c75954ee8b387adea"}, {"url": "https://git.kernel.org/stable/c/4c1021ce46fc2fb6115f7e79d353941e6dcad366"}, {"url": "https://git.kernel.org/stable/c/6cf350658736681b9d6b0b6e58c5c76b235bb4c4"}], "title": "md: fix kmemleak of rdev->serial", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/fb5b347efd1bda989846ffc74679d181222fb123", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f3a1787dc48213f6caea5ba7d47e0222e7fa34a9", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/beaf11969fd5cbe6f09cefaa34df1ce8578e8dd9", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9fd0198f7ef06ae0d6636fb0578560857dead995", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6d32c832a88513f65c2c2c9c75954ee8b387adea", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/4c1021ce46fc2fb6115f7e79d353941e6dcad366", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6cf350658736681b9d6b0b6e58c5c76b235bb4c4", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20240912-0011/"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-09-12T16:02:57.919Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-26900", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:48:06.560564Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:33:23.408Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/fb5b347efd1bda989846ffc74679d181222fb123", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f3a1787dc48213f6caea5ba7d47e0222e7fa34a9", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/beaf11969fd5cbe6f09cefaa34df1ce8578e8dd9", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9fd0198f7ef06ae0d6636fb0578560857dead995", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6d32c832a88513f65c2c2c9c75954ee8b387adea", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/4c1021ce46fc2fb6115f7e79d353941e6dcad366", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6cf350658736681b9d6b0b6e58c5c76b235bb4c4", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20240912-0011/"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-09-12T16:02:57.919Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-26900", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:48:06.560564Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:16.456Z"}}], "cna": {"title": "md: fix kmemleak of rdev->serial", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "963c555e75b0", "lessThan": "fb5b347efd1b", "versionType": "git"}, {"status": "affected", "version": "963c555e75b0", "lessThan": "f3a1787dc482", "versionType": "git"}, {"status": "affected", "version": "963c555e75b0", "lessThan": "beaf11969fd5", "versionType": "git"}, {"status": "affected", "version": "963c555e75b0", "lessThan": "9fd0198f7ef0", "versionType": "git"}, {"status": "affected", "version": "963c555e75b0", "lessThan": "6d32c832a885", "versionType": "git"}, {"status": "affected", "version": "963c555e75b0", "lessThan": "4c1021ce46fc", "versionType": "git"}, {"status": "affected", "version": "963c555e75b0", "lessThan": "6cf350658736", "versionType": "git"}], "programFiles": ["drivers/md/md.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.3"}, {"status": "unaffected", "version": "0", "lessThan": "5.3", "versionType": "semver"}, {"status": "unaffected", "version": "5.10.217", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.159", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.91", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.31", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.11", "versionType": "semver", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8.2", "versionType": "semver", "lessThanOrEqual": "6.8.*"}, {"status": "unaffected", "version": "6.9", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/md/md.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/fb5b347efd1bda989846ffc74679d181222fb123"}, {"url": "https://git.kernel.org/stable/c/f3a1787dc48213f6caea5ba7d47e0222e7fa34a9"}, {"url": "https://git.kernel.org/stable/c/beaf11969fd5cbe6f09cefaa34df1ce8578e8dd9"}, {"url": "https://git.kernel.org/stable/c/9fd0198f7ef06ae0d6636fb0578560857dead995"}, {"url": "https://git.kernel.org/stable/c/6d32c832a88513f65c2c2c9c75954ee8b387adea"}, {"url": "https://git.kernel.org/stable/c/4c1021ce46fc2fb6115f7e79d353941e6dcad366"}, {"url": "https://git.kernel.org/stable/c/6cf350658736681b9d6b0b6e58c5c76b235bb4c4"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: fix kmemleak of rdev->serial\n\nIf kobject_add() is fail in bind_rdev_to_array(), 'rdev->serial' will be\nalloc not be freed, and kmemleak occurs.\n\nunreferenced object 0xffff88815a350000 (size 49152):\n comm \"mdadm\", pid 789, jiffies 4294716910\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc f773277a):\n [<0000000058b0a453>] kmemleak_alloc+0x61/0xe0\n [<00000000366adf14>] __kmalloc_large_node+0x15e/0x270\n [<000000002e82961b>] __kmalloc_node.cold+0x11/0x7f\n [<00000000f206d60a>] kvmalloc_node+0x74/0x150\n [<0000000034bf3363>] rdev_init_serial+0x67/0x170\n [<0000000010e08fe9>] mddev_create_serial_pool+0x62/0x220\n [<00000000c3837bf0>] bind_rdev_to_array+0x2af/0x630\n [<0000000073c28560>] md_add_new_disk+0x400/0x9f0\n [<00000000770e30ff>] md_ioctl+0x15bf/0x1c10\n [<000000006cfab718>] blkdev_ioctl+0x191/0x3f0\n [<0000000085086a11>] vfs_ioctl+0x22/0x60\n [<0000000018b656fe>] __x64_sys_ioctl+0xba/0xe0\n [<00000000e54e675e>] do_syscall_64+0x71/0x150\n [<000000008b0ad622>] entry_SYSCALL_64_after_hwframe+0x6c/0x74"}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:17:53.096Z"}}}, "cveMetadata": {"cveId": "CVE-2024-26900", "state": "PUBLISHED", "dateUpdated": "2024-11-05T09:17:53.096Z", "dateReserved": "2024-02-19T14:20:24.187Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-04-17T10:27:49.707Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E8FC005A-FB83-48C1-969E-B91C2F176D98", "versionEndExcluding": "6.7.11", "versionStartIncluding": "5.3", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1", "versionEndExcluding": "6.8.2", "versionStartIncluding": "6.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: fix kmemleak of rdev->serial\n\nIf kobject_add() is fail in bind_rdev_to_array(), 'rdev->serial' will be\nalloc not be freed, and kmemleak occurs.\n\nunreferenced object 0xffff88815a350000 (size 49152):\n comm \"mdadm\", pid 789, jiffies 4294716910\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc f773277a):\n [<0000000058b0a453>] kmemleak_alloc+0x61/0xe0\n [<00000000366adf14>] __kmalloc_large_node+0x15e/0x270\n [<000000002e82961b>] __kmalloc_node.cold+0x11/0x7f\n [<00000000f206d60a>] kvmalloc_node+0x74/0x150\n [<0000000034bf3363>] rdev_init_serial+0x67/0x170\n [<0000000010e08fe9>] mddev_create_serial_pool+0x62/0x220\n [<00000000c3837bf0>] bind_rdev_to_array+0x2af/0x630\n [<0000000073c28560>] md_add_new_disk+0x400/0x9f0\n [<00000000770e30ff>] md_ioctl+0x15bf/0x1c10\n [<000000006cfab718>] blkdev_ioctl+0x191/0x3f0\n [<0000000085086a11>] vfs_ioctl+0x22/0x60\n [<0000000018b656fe>] __x64_sys_ioctl+0xba/0xe0\n [<00000000e54e675e>] do_syscall_64+0x71/0x150\n [<000000008b0ad622>] entry_SYSCALL_64_after_hwframe+0x6c/0x74"}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: md: corrige kmemleak de rdev->serial Si kobject_add() falla en bind_rdev_to_array(), 'rdev->serial' se asignar\u00e1 y no se liberar\u00e1, y se produce kmemleak. objeto sin referencia 0xffff88815a350000 (tama\u00f1o 49152): comm \"mdadm\", pid 789, jiffies 4294716910 volcado hexadecimal (primeros 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ retroceso (crc f773277a): [<0000000058b0a453> ] kmemleak_alloc+0x61/0xe0 [<00000000366adf14>] __kmalloc_large_node+0x15e/0x270 [<000000002e82961b>] __kmalloc_node.cold+0x11/0x7f [<00000000f206d60a>] loc_node+0x74/0x150 [<0000000034bf3363>] rdev_init_serial+0x67/0x170 [< 0000000010e08fe9>] mddev_create_serial_pool+0x62/0x220 [<00000000c3837bf0>] bind_rdev_to_array+0x2af/0x630 [<0000000073c28560>] md_add_new_disk+0x400/0x9f0 00000000770e30ff>] md_ioctl+0x15bf/0x1c10 [<000000006cfab718>] blkdev_ioctl+0x191/0x3f0 [< 0000000085086a11>] vfs_ioctl+0x22/0x60 [<0000000018b656fe>] __x64_sys_ioctl+0xba/0xe0 [<00000000e54e675e>] do_syscall_64+0x71/0x150 [<00000 0008b0ad622>] entrada_SYSCALL_64_after_hwframe+0x6c/0x74"}], "id": "CVE-2024-26900", "lastModified": "2024-11-21T09:03:20.300", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-04-17T11:15:10.917", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/4c1021ce46fc2fb6115f7e79d353941e6dcad366"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6cf350658736681b9d6b0b6e58c5c76b235bb4c4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6d32c832a88513f65c2c2c9c75954ee8b387adea"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/9fd0198f7ef06ae0d6636fb0578560857dead995"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/beaf11969fd5cbe6f09cefaa34df1ce8578e8dd9"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/f3a1787dc48213f6caea5ba7d47e0222e7fa34a9"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/fb5b347efd1bda989846ffc74679d181222fb123"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/4c1021ce46fc2fb6115f7e79d353941e6dcad366"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6cf350658736681b9d6b0b6e58c5c76b235bb4c4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6d32c832a88513f65c2c2c9c75954ee8b387adea"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/9fd0198f7ef06ae0d6636fb0578560857dead995"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/beaf11969fd5cbe6f09cefaa34df1ce8578e8dd9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/f3a1787dc48213f6caea5ba7d47e0222e7fa34a9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/fb5b347efd1bda989846ffc74679d181222fb123"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.netapp.com/advisory/ntap-20240912-0011/"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2024:9315", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}, {"advisory": "RHSA-2024:9315", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}], "bugzilla": {"description": "kernel: md: fix kmemleak of rdev->serial", "id": "2275647", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275647"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H", "status": "verified"}, "cwe": "CWE-402", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nmd: fix kmemleak of rdev->serial\nIf kobject_add() is fail in bind_rdev_to_array(), 'rdev->serial' will be\nalloc not be freed, and kmemleak occurs.\nunreferenced object 0xffff88815a350000 (size 49152):\ncomm \"mdadm\", pid 789, jiffies 4294716910\nhex dump (first 32 bytes):\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\nbacktrace (crc f773277a):\n[<0000000058b0a453>] kmemleak_alloc+0x61/0xe0\n[<00000000366adf14>] __kmalloc_large_node+0x15e/0x270\n[<000000002e82961b>] __kmalloc_node.cold+0x11/0x7f\n[<00000000f206d60a>] kvmalloc_node+0x74/0x150\n[<0000000034bf3363>] rdev_init_serial+0x67/0x170\n[<0000000010e08fe9>] mddev_create_serial_pool+0x62/0x220\n[<00000000c3837bf0>] bind_rdev_to_array+0x2af/0x630\n[<0000000073c28560>] md_add_new_disk+0x400/0x9f0\n[<00000000770e30ff>] md_ioctl+0x15bf/0x1c10\n[<000000006cfab718>] blkdev_ioctl+0x191/0x3f0\n[<0000000085086a11>] vfs_ioctl+0x22/0x60\n[<0000000018b656fe>] __x64_sys_ioctl+0xba/0xe0\n[<00000000e54e675e>] do_syscall_64+0x71/0x150\n[<000000008b0ad622>] entry_SYSCALL_64_after_hwframe+0x6c/0x74", "A memory leak flaw was found in rdev->serial in the Linux kernel. This issue may lead to a crash."], "name": "CVE-2024-26900", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-04-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-26900\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-26900\nhttps://lore.kernel.org/linux-cve-announce/2024041745-CVE-2024-26900-70a3@gregkh/T"], "threat_severity": "Low"}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object