PT-2025-3592 · Linux+5 · Linux Kernel+5
Wang Liang · Published 2024-12-19 · Updated 2025-10-03
CVE-2024-57841
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.6.74
Description
A memory leak has been resolved in the Linux kernel. The issue occurs when `inet_csk_reqsk_queue_hash_add()` returns false in `tcp_conn_request()`, causing the function to return without freeing the allocated dst memory. This results in a memory leak. The kmemleak stack trace shows an unreferenced object, indicating the memory leak. To fix this issue, `dst_release()` should be called to free the dst memory when `inet_csk_reqsk_queue_hash_add()` returns false in `tcp_conn_request()`.
Recommendations
Update to Linux kernel version 6.6.74 or later to resolve the memory leak issue. As a temporary workaround, consider implementing a custom solution to call `dst_release()` when `inet_csk_reqsk_queue_hash_add()` returns false in `tcp_conn_request()`, until an official patch is available.
Exploit
Fix
Memory Leak
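The failure path from the Description, as a user-space model added here for illustration (not kernel code and not the upstream patch). All `model_*` names and the static pool are assumptions; the success path is collapsed to an immediate release.

```c
#include <stdbool.h>
#include <stdio.h>

/* User-space model; every name below is a hypothetical stand-in, not kernel code. */
struct dst_model { int refcnt; };

static struct dst_model pool[16];   /* static pool so the demo itself leaks nothing */
static int next_slot, live_dsts;    /* live_dsts: references taken and never dropped */

static struct dst_model *model_dst_get(void)       /* route lookup takes a reference */
{
    if (next_slot >= 16)
        return NULL;
    struct dst_model *d = &pool[next_slot++];
    d->refcnt = 1;
    live_dsts++;
    return d;
}

static void model_dst_release(struct dst_model *d) /* stands in for dst_release() */
{
    if (d && --d->refcnt == 0)
        live_dsts--;
}

/* Stands in for inet_csk_reqsk_queue_hash_add(): false = request not queued. */
static bool model_hash_add(bool queued) { return queued; }

/* Models the end of the request handler; returns outstanding dst references. */
static int model_conn_request(bool queued, bool fixed)
{
    struct dst_model *d = model_dst_get();
    if (!d)
        return live_dsts;
    if (!model_hash_add(queued)) {
        if (fixed)
            model_dst_release(d);  /* fixed path: drop the reference before returning */
        return live_dsts;          /* unfixed path: early return strands the dst */
    }
    model_dst_release(d);          /* success: later consumption collapsed to a release */
    return live_dsts;
}

int main(void)
{
    printf("queued ok:        %d outstanding\n", model_conn_request(true, false));
    printf("add fails, fixed: %d outstanding\n", model_conn_request(false, true));
    printf("add fails, leaky: %d outstanding\n", model_conn_request(false, false));
    return 0;
}
```

Each unfixed failure leaves one more reference outstanding, which is the accumulation kmemleak reports as unreferenced objects.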
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Os
Ubuntu