CVE-2024-0443— Linux kernel 安全漏洞

Kernel: blkio memory leakage due to blkcg and some blkgs are not freed after they are made offline.

A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading to a cgroup blkio memory leakage problem. When a cgroup is being destroyed, cgroup_rstat_flush() is only called at css_release_work_fn(), which is called when the blkcg reference count reaches 0. This circular dependency will prevent blkcg and some blkgs from being freed after they are made offline. This issue may allow an attacker with a local access to cause system instability, such as an out of memory error.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

将私有的资源传输到一个新的空间(资源泄露)

Linux kernel 安全漏洞

Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞，该漏洞源于block/blk-cgroup.c中的 blkgs destruction路径存在缺陷，导致cgroup blkio内存泄漏。

N/A

N/A