CVE-2024-41076

Summary

In the Linux kernel, the following vulnerability has been resolved:

NFSv4: Fix memory leak in nfs4_set_security_label

We leak nfs_fattr and nfs4_label every time we set a security xattr.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux1b00ad657997c8984a9e627a3bd37ea14f20beb2 < 899604a7c958771840941caff9ee3dd8193d984caffected
LinuxLinux1b00ad657997c8984a9e627a3bd37ea14f20beb2 < b98090699319e64f5de1e8db5bb75870f1eb1c6eaffected
LinuxLinux1b00ad657997c8984a9e627a3bd37ea14f20beb2 < d130220ccc94d74d70da984a199477937e7bf03caffected
LinuxLinux1b00ad657997c8984a9e627a3bd37ea14f20beb2 < aad11473f8f4be3df86461081ce35ec5b145ba68affected
LinuxLinux5.16affected
LinuxLinux0 < 5.16unaffected
LinuxLinux6.1.101 <= 6.1.*unaffected
LinuxLinux6.6.42 <= 6.6.*unaffected
LinuxLinux6.9.11 <= 6.9.*unaffected
LinuxLinux6.10 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References