PT-2024-7055 · Linux+9 · Linux Kernel+9

Wander Lairson Costa

·

Published

2024-07-01

·

Updated

2026-05-26

·

CVE-2024-41023

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to a memory leak in the Linux kernel, specifically in the sched/deadline module. The leak occurs when the start dl timer() function increments the task struct reference count and sets a timer, but the timer callback dl task timer does not decrement the reference count when the timer is canceled by enqueue task dl(). This leads to a memory leak, which can cause issues with system performance and stability. The leak was detected using the kmemleak tool during a stress test with stress-ng.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Weakness Enumeration

CWE-401

Related Identifiers

ALSA-2024:7000
ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALT-PU-2025-12647
AZL-57740
AZL-57743
BDU:2024-08313
CESA-2024_7000
CVE-2024-41023
ECHO-F148-0BB6-6176
INFSA-2024_7000
OESA-2024-1960
OESA-2024-1961
OESA-2024-1962
OESA-2024-1964
OPENSUSE-SU-2024_4314-1
OPENSUSE-SU-2024_4315-1
OPENSUSE-SU-2024_4316-1
OPENSUSE-SU-2024_4376-1
RHSA-2024:10262
RHSA-2024:6744
RHSA-2024:6745
RHSA-2024:7000
RHSA-2024:9546
RHSA-2024_7000
SUSE-SU-2024:4314-1
SUSE-SU-2024:4315-1
SUSE-SU-2024:4316-1
SUSE-SU-2024:4318-1
SUSE-SU-2024:4364-1
SUSE-SU-2024:4376-1
SUSE-SU-2024:4387-1
SUSE-SU-2025:20163-1
SUSE-SU-2025:20164-1
SUSE-SU-2025:20246-1
SUSE-SU-2025:20247-1
USN-7089-1
USN-7089-2
USN-7089-3
USN-7089-4
USN-7089-5
USN-7089-6
USN-7089-7
USN-7090-1
USN-7095-1
USN-7156-1

Affected Products

Alt Linux
Almalinux
Centos
Debian
Linuxmint
Linux Kernel
Red Hat
Rocky Linux
Suse
Ubuntu