PT-2025-3592 · Linux+5 · Linux Kernel+5
Wang Liang · Published 2024-12-19 · Updated 2025-10-03 · CVE-2024-57841
CVSS v3.1: 5.5 (Medium)
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.6.74
Description
A memory leak has been resolved in the Linux kernel. When inet_csk_reqsk_queue_hash_add() returns false in tcp_conn_request(), the function returns without freeing the dst memory it has already allocated, so that memory is leaked. The kmemleak stack trace reports the leaked dst as an unreferenced object. The fix is to call dst_release() to free the dst memory when inet_csk_reqsk_queue_hash_add() returns false in tcp_conn_request().
Recommendations
Update to Linux kernel version 6.6.74 or later to resolve the memory leak issue. As a temporary workaround, consider implementing a custom solution to call dst_release() when inet_csk_reqsk_queue_hash_add() returns false in tcp_conn_request(), until an official patch is available.
Exploit
Fix
Memory Leak
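The error path from the Description, as an added user-space model (not kernel source and not the upstream patch): it counts dst references left behind when the hash add fails, with and without the dst_release() call. The pool, route_req(), conn_request(), live_dsts() and leaked_after() are hypothetical stand-ins for illustration.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified user-space model; none of this is kernel source. */
#define POOL 8
struct dst { int refcnt; };            /* stand-in for the kernel's dst entry */
static struct dst pool[POOL];          /* fixed pool so leaks are countable */

static struct dst *route_req(void)     /* hypothetical: takes one reference */
{
    for (int i = 0; i < POOL; i++)
        if (pool[i].refcnt == 0) { pool[i].refcnt = 1; return &pool[i]; }
    return NULL;
}

static void dst_release(struct dst *d) { if (d && d->refcnt > 0) d->refcnt--; }

static int live_dsts(void)             /* entries still holding a reference */
{
    int n = 0;
    for (int i = 0; i < POOL; i++) n += pool[i].refcnt > 0;
    return n;
}

/* Models tcp_conn_request(); hash_ok is the modelled return value of
 * inet_csk_reqsk_queue_hash_add(). fixed=false is the pre-fix error path. */
static int conn_request(bool hash_ok, bool fixed)
{
    struct dst *dst = route_req();
    if (!dst) return -1;
    if (!hash_ok) {
        if (fixed) dst_release(dst);   /* the release the fix adds */
        return 0;                      /* pre-fix: reference is never dropped */
    }
    dst_release(dst);  /* model only: success path drops its reference later */
    return 0;
}

/* Number of dst entries left allocated after n failed hash adds. */
static int leaked_after(int n, bool fixed)
{
    int before = live_dsts();
    for (int i = 0; i < n; i++) conn_request(false, fixed);
    return live_dsts() - before;
}

int main(void)
{
    printf("fixed: %d leaked, pre-fix: %d leaked\n", leaked_after(3, true), leaked_after(5, false));
    return 0;
}
```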
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Os
Ubuntu