PT-2024-28416 · Linux+9 · Linux Kernel+9
Syzbot
·
Published
2024-05-04
·
Updated
2025-09-29
·
CVE-2024-39276
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.6.37
Description
A reference count leakage issue was found in the Linux kernel's ext4 file system, specifically in the
ext4 xattr block cache find() function. When ext4 sb bread() returns -ENOMEM, the e refcnt of the mb cache entry is not properly decremented, leading to a reference count leakage. This issue can trigger a warning in mb cache destroy() due to the reference count leakage. The problem occurs when finding an entry in ext4 xattr block cache find(), and ext4 sb bread() returns -ENOMEM. To fix this issue, mb cache entry put() should be called on the -ENOMEM error branch.Recommendations
To resolve this issue, update the Linux kernel to version 6.6.37 or later. As a temporary workaround, consider applying the fix to call
mb cache entry put() on the -ENOMEM error branch in the ext4 xattr block cache find() function.Exploit
Fix
Memory Leak
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu