CVE-2024-56566

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.1-1

Description The issue is related to list corruption when removing a slab from the full list in the Linux kernel. If an allocated object fails in alloc consistency checks, all objects of the slab will be marked as used and then removed from the partial list. When an object belonging to the slab is freed later, the remove full() function is called, leading to list corruption because the slab is neither on the partial list nor the full list. The debug caches avoid all fastpaths, and reusing the frozen bit to mark the slab page with metadata corruption seems to be fine.

Recommendations To resolve the issue, boot with slub debug=UFPZ. As a temporary workaround, consider disabling the remove full() function until a patch is available. Restrict access to the vulnerable mm/slub module to minimize the risk of exploitation. Avoid using the alloc consistency checks parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.