// For flags

CVE-2024-0443

Kernel: blkio memory leakage due to blkcg and some blkgs are not freed after they are made offline.

Severity Score

5.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading to a cgroup blkio memory leakage problem. When a cgroup is being destroyed, cgroup_rstat_flush() is only called at css_release_work_fn(), which is called when the blkcg reference count reaches 0. This circular dependency will prevent blkcg and some blkgs from being freed after they are made offline. This issue may allow an attacker with a local access to cause system instability, such as an out of memory error.

Se encontró un fallo en la ruta de destrucción de blkgs en block/blk-cgroup.c en el kernel de Linux, lo que provocó un problema de pérdida de memoria de cgroup blkio. Cuando se destruye un cgroup, cgroup_rstat_flush() solo se llama en css_release_work_fn(), que se llama cuando el recuento de referencias de blkcg llega a 0. Esta dependencia circular evitará que blkcg y algunos blkgs se liberen después de desconectarse. Este problema puede permitir que un atacante con acceso local cause inestabilidad en el sistema, como un error de falta de memoria.

*Credits: This issue was discovered by Jay Shin (Red Hat).
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2024-01-11 CVE Reserved
  • 2024-01-11 CVE Published
  • 2024-01-19 EPSS Updated
  • 2024-09-16 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak')
  • CWE-668: Exposure of Resource to Wrong Sphere
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 >= 6.2 < 6.4
Search vendor "Linux" for product "Linux Kernel" and version " >= 6.2 < 6.4"
-
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 6.4
Search vendor "Linux" for product "Linux Kernel" and version "6.4"
rc1
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 6.4
Search vendor "Linux" for product "Linux Kernel" and version "6.4"
rc2
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 6.4
Search vendor "Linux" for product "Linux Kernel" and version "6.4"
rc3
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 6.4
Search vendor "Linux" for product "Linux Kernel" and version "6.4"
rc4
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 6.4
Search vendor "Linux" for product "Linux Kernel" and version "6.4"
rc5
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 6.4
Search vendor "Linux" for product "Linux Kernel" and version "6.4"
rc6
Affected
Redhat
Search vendor "Redhat"
 Enterprise Linux
Search vendor "Redhat" for product "Enterprise Linux"
 8.0
Search vendor "Redhat" for product "Enterprise Linux" and version "8.0"
-
Affected
Redhat
Search vendor "Redhat"
 Enterprise Linux
Search vendor "Redhat" for product "Enterprise Linux"
 9.0
Search vendor "Redhat" for product "Enterprise Linux" and version "9.0"
-
Affected
Fedoraproject
Search vendor "Fedoraproject"
 Fedora
Search vendor "Fedoraproject" for product "Fedora"
 39
Search vendor "Fedoraproject" for product "Fedora" and version "39"
-
Affected