1.7 KiB
CVE-2024-57886
Description
In the Linux kernel, the following vulnerability has been resolved:mm/damon/core: fix new damon_target objects leaks on damon_commit_targets()Patch series "mm/damon/core: fix memory leaks and ignored inputs fromdamon_commit_ctx()".Due to two bugs in damon_commit_targets() and damon_commit_schemes(),which are called from damon_commit_ctx(), some user inputs can be ignored,and some mmeory objects can be leaked. Fix those.Note that only DAMON sysfs interface users are affected. Other DAMON coreAPI user modules that more focused more on simple and dedicated productionusages, including DAMON_RECLAIM and DAMON_LRU_SORT are not using the buggyfunction in the way, so not affected.This patch (of 2):When new DAMON targets are added via damon_commit_targets(), the newlycreated targets are not deallocated when updating the internal data(damon_commit_target()) is failed. Worse yet, even if the setup issuccessfully done, the new target is not linked to the context. Hence,the new targets are always leaked regardless of the internal data setupfailure. Fix the leaks.
POC
Reference
No PoCs from references.