CVE-2024-46789

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.11.0-rc3-dirty #1

Description The vulnerability occurs when CONFIG MEMCG, CONFIG KFENCE, and CONFIG KMEMLEAK are enabled, leading to a warning due to an empty obj ext in the mem pool free function. This happens because the kfence alloc function assigns a value to slab->obj exts in kfence init pool, but the alloc tag add function is not called due to a check in the prepare slab obj exts hook function. As a result, ref->ct remains NULL, causing the warning when mem pool free is called.

Recommendations To resolve this issue, add corresponding checks in the alloc tagging slab free hook function for the s->flags value. This will prevent the warning from occurring when mem pool free is called.

Note: The provided information does not specify the exact version that contains the fix for this vulnerability. Therefore, it is recommended to update to the latest version of the Linux kernel to ensure you have the latest security patches.

At the moment, there is no information about a newer version that contains a fix for this vulnerability.