CVE-2023-52560
Vulnerability from cvelistv5
Published
2024-03-02 21:59
Modified
2024-11-04 14:48
Severity ?
Summary
mm/damon/vaddr-test: fix memory leak in damon_do_test_apply_three_regions()
Impacted products
LinuxLinux
LinuxLinux
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52560",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-04T15:35:56.845645Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:24:06.685Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:03:20.913Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9a4fe81a8644b717d57d81ce5849e16583b13fe8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6b522001693aa113d97a985abc5f6932972e8e86"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/45120b15743fa7c0aa53d5db6dfb4c8f87be4abd"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "mm/damon/vaddr-test.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "9a4fe81a8644",
              "status": "affected",
              "version": "9f86d624292c",
              "versionType": "git"
            },
            {
              "lessThan": "6b522001693a",
              "status": "affected",
              "version": "9f86d624292c",
              "versionType": "git"
            },
            {
              "lessThan": "45120b15743f",
              "status": "affected",
              "version": "9f86d624292c",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "mm/damon/vaddr-test.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.16"
            },
            {
              "lessThan": "5.16",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.56",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.6",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.6",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/damon/vaddr-test: fix memory leak in damon_do_test_apply_three_regions()\n\nWhen CONFIG_DAMON_VADDR_KUNIT_TEST=y and making CONFIG_DEBUG_KMEMLEAK=y\nand CONFIG_DEBUG_KMEMLEAK_AUTO_SCAN=y, the below memory leak is detected.\n\nSince commit 9f86d624292c (\"mm/damon/vaddr-test: remove unnecessary\nvariables\"), the damon_destroy_ctx() is removed, but still call\ndamon_new_target() and damon_new_region(), the damon_region which is\nallocated by kmem_cache_alloc() in damon_new_region() and the damon_target\nwhich is allocated by kmalloc in damon_new_target() are not freed.  And\nthe damon_region which is allocated in damon_new_region() in\ndamon_set_regions() is also not freed.\n\nSo use damon_destroy_target to free all the damon_regions and damon_target.\n\n    unreferenced object 0xffff888107c9a940 (size 64):\n      comm \"kunit_try_catch\", pid 1069, jiffies 4294670592 (age 732.761s)\n      hex dump (first 32 bytes):\n        00 00 00 00 00 00 00 00 06 00 00 00 6b 6b 6b 6b  ............kkkk\n        60 c7 9c 07 81 88 ff ff f8 cb 9c 07 81 88 ff ff  `...............\n      backtrace:\n        [\u003cffffffff817e0167\u003e] kmalloc_trace+0x27/0xa0\n        [\u003cffffffff819c11cf\u003e] damon_new_target+0x3f/0x1b0\n        [\u003cffffffff819c7d55\u003e] damon_do_test_apply_three_regions.constprop.0+0x95/0x3e0\n        [\u003cffffffff819c82be\u003e] damon_test_apply_three_regions1+0x21e/0x260\n        [\u003cffffffff829fce6a\u003e] kunit_generic_run_threadfn_adapter+0x4a/0x90\n        [\u003cffffffff81237cf6\u003e] kthread+0x2b6/0x380\n        [\u003cffffffff81097add\u003e] ret_from_fork+0x2d/0x70\n        [\u003cffffffff81003791\u003e] ret_from_fork_asm+0x11/0x20\n    unreferenced object 0xffff8881079cc740 (size 56):\n      comm \"kunit_try_catch\", pid 1069, jiffies 4294670592 (age 732.761s)\n      hex dump (first 32 bytes):\n        05 00 00 00 00 00 00 00 14 00 00 00 00 00 00 00  ................\n        6b 6b 6b 6b 6b 6b 6b 6b 00 00 00 00 6b 6b 6b 6b  kkkkkkkk....kkkk\n      backtrace:\n        [\u003cffffffff819bc492\u003e] damon_new_region+0x22/0x1c0\n        [\u003cffffffff819c7d91\u003e] damon_do_test_apply_three_regions.constprop.0+0xd1/0x3e0\n        [\u003cffffffff819c82be\u003e] damon_test_apply_three_regions1+0x21e/0x260\n        [\u003cffffffff829fce6a\u003e] kunit_generic_run_threadfn_adapter+0x4a/0x90\n        [\u003cffffffff81237cf6\u003e] kthread+0x2b6/0x380\n        [\u003cffffffff81097add\u003e] ret_from_fork+0x2d/0x70\n        [\u003cffffffff81003791\u003e] ret_from_fork_asm+0x11/0x20\n    unreferenced object 0xffff888107c9ac40 (size 64):\n      comm \"kunit_try_catch\", pid 1071, jiffies 4294670595 (age 732.843s)\n      hex dump (first 32 bytes):\n        00 00 00 00 00 00 00 00 06 00 00 00 6b 6b 6b 6b  ............kkkk\n        a0 cc 9c 07 81 88 ff ff 78 a1 76 07 81 88 ff ff  ........x.v.....\n      backtrace:\n        [\u003cffffffff817e0167\u003e] kmalloc_trace+0x27/0xa0\n        [\u003cffffffff819c11cf\u003e] damon_new_target+0x3f/0x1b0\n        [\u003cffffffff819c7d55\u003e] damon_do_test_apply_three_regions.constprop.0+0x95/0x3e0\n        [\u003cffffffff819c851e\u003e] damon_test_apply_three_regions2+0x21e/0x260\n        [\u003cffffffff829fce6a\u003e] kunit_generic_run_threadfn_adapter+0x4a/0x90\n        [\u003cffffffff81237cf6\u003e] kthread+0x2b6/0x380\n        [\u003cffffffff81097add\u003e] ret_from_fork+0x2d/0x70\n        [\u003cffffffff81003791\u003e] ret_from_fork_asm+0x11/0x20\n    unreferenced object 0xffff8881079ccc80 (size 56):\n      comm \"kunit_try_catch\", pid 1071, jiffies 4294670595 (age 732.843s)\n      hex dump (first 32 bytes):\n        05 00 00 00 00 00 00 00 14 00 00 00 00 00 00 00  ................\n        6b 6b 6b 6b 6b 6b 6b 6b 00 00 00 00 6b 6b 6b 6b  kkkkkkkk....kkkk\n      backtrace:\n        [\u003cffffffff819bc492\u003e] damon_new_region+0x22/0x1c0\n        [\u003cffffffff819c7d91\u003e] damon_do_test_apply_three_regions.constprop.0+0xd1/0x3e0\n        [\u003cffffffff819c851e\u003e] damon_test_apply_three_regions2+0x21e/0x260\n        [\u003cffffffff829fce6a\u003e] kunit_generic_run_threadfn_adapter+0x4a/0x90\n        [\u003cffffffff81237cf6\u003e] kthread+0x2b6/0x380\n        [\u003cffffffff81097add\u003e] ret_from_fork+0x2d/0x70\n        [\u003cffff\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:48:44.322Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/9a4fe81a8644b717d57d81ce5849e16583b13fe8"
        },
        {
          "url": "https://git.kernel.org/stable/c/6b522001693aa113d97a985abc5f6932972e8e86"
        },
        {
          "url": "https://git.kernel.org/stable/c/45120b15743fa7c0aa53d5db6dfb4c8f87be4abd"
        }
      ],
      "title": "mm/damon/vaddr-test: fix memory leak in damon_do_test_apply_three_regions()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52560",
    "datePublished": "2024-03-02T21:59:34.084Z",
    "dateReserved": "2024-03-02T21:55:42.566Z",
    "dateUpdated": "2024-11-04T14:48:44.322Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-52560\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-03-02T22:15:48.750\",\"lastModified\":\"2024-03-04T13:58:23.447\",\"vulnStatus\":\"Awaiting Analysis\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nmm/damon/vaddr-test: fix memory leak in damon_do_test_apply_three_regions()\\n\\nWhen CONFIG_DAMON_VADDR_KUNIT_TEST=y and making CONFIG_DEBUG_KMEMLEAK=y\\nand CONFIG_DEBUG_KMEMLEAK_AUTO_SCAN=y, the below memory leak is detected.\\n\\nSince commit 9f86d624292c (\\\"mm/damon/vaddr-test: remove unnecessary\\nvariables\\\"), the damon_destroy_ctx() is removed, but still call\\ndamon_new_target() and damon_new_region(), the damon_region which is\\nallocated by kmem_cache_alloc() in damon_new_region() and the damon_target\\nwhich is allocated by kmalloc in damon_new_target() are not freed.  And\\nthe damon_region which is allocated in damon_new_region() in\\ndamon_set_regions() is also not freed.\\n\\nSo use damon_destroy_target to free all the damon_regions and damon_target.\\n\\n    unreferenced object 0xffff888107c9a940 (size 64):\\n      comm \\\"kunit_try_catch\\\", pid 1069, jiffies 4294670592 (age 732.761s)\\n      hex dump (first 32 bytes):\\n        00 00 00 00 00 00 00 00 06 00 00 00 6b 6b 6b 6b  ............kkkk\\n        60 c7 9c 07 81 88 ff ff f8 cb 9c 07 81 88 ff ff  `...............\\n      backtrace:\\n        [\u003cffffffff817e0167\u003e] kmalloc_trace+0x27/0xa0\\n        [\u003cffffffff819c11cf\u003e] damon_new_target+0x3f/0x1b0\\n        [\u003cffffffff819c7d55\u003e] damon_do_test_apply_three_regions.constprop.0+0x95/0x3e0\\n        [\u003cffffffff819c82be\u003e] damon_test_apply_three_regions1+0x21e/0x260\\n        [\u003cffffffff829fce6a\u003e] kunit_generic_run_threadfn_adapter+0x4a/0x90\\n        [\u003cffffffff81237cf6\u003e] kthread+0x2b6/0x380\\n        [\u003cffffffff81097add\u003e] ret_from_fork+0x2d/0x70\\n        [\u003cffffffff81003791\u003e] ret_from_fork_asm+0x11/0x20\\n    unreferenced object 0xffff8881079cc740 (size 56):\\n      comm \\\"kunit_try_catch\\\", pid 1069, jiffies 4294670592 (age 732.761s)\\n      hex dump (first 32 bytes):\\n        05 00 00 00 00 00 00 00 14 00 00 00 00 00 00 00  ................\\n        6b 6b 6b 6b 6b 6b 6b 6b 00 00 00 00 6b 6b 6b 6b  kkkkkkkk....kkkk\\n      backtrace:\\n        [\u003cffffffff819bc492\u003e] damon_new_region+0x22/0x1c0\\n        [\u003cffffffff819c7d91\u003e] damon_do_test_apply_three_regions.constprop.0+0xd1/0x3e0\\n        [\u003cffffffff819c82be\u003e] damon_test_apply_three_regions1+0x21e/0x260\\n        [\u003cffffffff829fce6a\u003e] kunit_generic_run_threadfn_adapter+0x4a/0x90\\n        [\u003cffffffff81237cf6\u003e] kthread+0x2b6/0x380\\n        [\u003cffffffff81097add\u003e] ret_from_fork+0x2d/0x70\\n        [\u003cffffffff81003791\u003e] ret_from_fork_asm+0x11/0x20\\n    unreferenced object 0xffff888107c9ac40 (size 64):\\n      comm \\\"kunit_try_catch\\\", pid 1071, jiffies 4294670595 (age 732.843s)\\n      hex dump (first 32 bytes):\\n        00 00 00 00 00 00 00 00 06 00 00 00 6b 6b 6b 6b  ............kkkk\\n        a0 cc 9c 07 81 88 ff ff 78 a1 76 07 81 88 ff ff  ........x.v.....\\n      backtrace:\\n        [\u003cffffffff817e0167\u003e] kmalloc_trace+0x27/0xa0\\n        [\u003cffffffff819c11cf\u003e] damon_new_target+0x3f/0x1b0\\n        [\u003cffffffff819c7d55\u003e] damon_do_test_apply_three_regions.constprop.0+0x95/0x3e0\\n        [\u003cffffffff819c851e\u003e] damon_test_apply_three_regions2+0x21e/0x260\\n        [\u003cffffffff829fce6a\u003e] kunit_generic_run_threadfn_adapter+0x4a/0x90\\n        [\u003cffffffff81237cf6\u003e] kthread+0x2b6/0x380\\n        [\u003cffffffff81097add\u003e] ret_from_fork+0x2d/0x70\\n        [\u003cffffffff81003791\u003e] ret_from_fork_asm+0x11/0x20\\n    unreferenced object 0xffff8881079ccc80 (size 56):\\n      comm \\\"kunit_try_catch\\\", pid 1071, jiffies 4294670595 (age 732.843s)\\n      hex dump (first 32 bytes):\\n        05 00 00 00 00 00 00 00 14 00 00 00 00 00 00 00  ................\\n        6b 6b 6b 6b 6b 6b 6b 6b 00 00 00 00 6b 6b 6b 6b  kkkkkkkk....kkkk\\n      backtrace:\\n        [\u003cffffffff819bc492\u003e] damon_new_region+0x22/0x1c0\\n        [\u003cffffffff819c7d91\u003e] damon_do_test_apply_three_regions.constprop.0+0xd1/0x3e0\\n        [\u003cffffffff819c851e\u003e] damon_test_apply_three_regions2+0x21e/0x260\\n        [\u003cffffffff829fce6a\u003e] kunit_generic_run_threadfn_adapter+0x4a/0x90\\n        [\u003cffffffff81237cf6\u003e] kthread+0x2b6/0x380\\n        [\u003cffffffff81097add\u003e] ret_from_fork+0x2d/0x70\\n        [\u003cffff\\n---truncated---\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: mm/damon/vaddr-test: corrige la p\u00e9rdida de memoria en damon_do_test_apply_tres_regions() Cuando CONFIG_DAMON_VADDR_KUNIT_TEST=y y se hace CONFIG_DEBUG_KMEMLEAK=y y CONFIG_DEBUG_KMEMLEAK_AUTO_SCAN=y, se detecta la siguiente p\u00e9rdida de memoria. Desde el commit 9f86d624292c (\\\"mm/damon/vaddr-test: eliminar variables innecesarias\\\"), damon_destroy_ctx() se elimina, pero a\u00fan se llama a damon_new_target() y damon_new_region(), la damon_region asignada por kmem_cache_alloc() en damon_new_region() y el damon_target asignado por kmalloc en damon_new_target() no se libera. Y el damon_region que est\u00e1 asignado en damon_new_region() en damon_set_regions() tampoco se libera. Entonces use damon_destroy_target para liberar todos los damon_regions y damon_target. objeto sin referencia 0xffff888107c9a940 (tama\u00f1o 64): comm \\\"kunit_try_catch\\\", pid 1069, jiffies 4294670592 (edad 732,761 s) volcado hexadecimal (primeros 32 bytes): 00 00 00 00 00 00 00 00 06 00 00 00 6b 6b 6b 6b... .........kkkk 60 c7 9c 07 81 88 ff ff f8 cb 9c 07 81 88 ff ff `................. backtrace: [] kmalloc_trace +0x27/0xa0 [] damon_new_target+0x3f/0x1b0 [] damon_do_test_apply_tres_regiones.constprop.0+0x95/0x3e0 [] damon_test_apply_tres_regiones1+0x21e/ 0x260 [] kunit_generic_run_threadfn_adapter+0x4a/0x90 [\u0026lt; ffffffff81237cf6\u0026gt;] kthread+0x2b6/0x380 [] ret_from_fork+0x2d/0x70 [] ret_from_fork_asm+0x11/0x20 objeto sin referencia 0xffff8881079cc740 (tama\u00f1o 56): comm \\\"kunit_try_catch\\\", pid 1069, santiam\u00e9n 4294670592 (edad 732,761 s ) volcado hexadecimal (primeros 32 bytes): 05 00 00 00 00 00 00 00 14 00 00 00 00 00 00 00 ................ 6b 6b 6b 6b 6b 6b 6b 6b 00 00 00 00 6b 6b 6b 6b kkkkkkkk....kkkk retroceso: [] damon_new_region+0x22/0x1c0 [] damon_do_test_apply_tres_regiones.constprop.0+0xd1/0x3e0 [] damon_test_apply_tres_regiones1+0x21e/0x260 [ ] kunit_generic_run_threadfn_adapter+0x4a/0x90 [] kthread+0x2b6/0x380 [] ret_from_fork+0x2d/0x70 [] ret_from_ fork_asm+0x11/0x20 objeto sin referencia 0xffff888107c9ac40 (tama\u00f1o 64): comm \\\"kunit_try_catch \\\", pid 1071, santiam\u00e9n 4294670595 (edad 732,843 s) volcado hexadecimal (primeros 32 bytes): 00 00 00 00 00 00 00 00 06 00 00 00 6b 6b 6b 6b ............kkkk a0 cc 9c 07 81 88 ff ff 78 a1 76 07 81 88 ff ff ........xv.... rastreo: [] kmalloc_trace+0x27/0xa0 [] damon_new_target+0x3f/0x1b0 [] damon_do_test_apply_tres_regiones.constprop.0+0x95/0x3e0 [] damon_test_apply_tres_regiones2+0x21e/0x260 [] kunit_generic_run_threadfn_adapter+0x4 a/0x90 [] kthread+0x2b6/0x380 [] ret_from_fork +0x2d/0x70 [] ret_from_fork_asm+0x11/0x20 objeto sin referencia 0xffff8881079ccc80 (tama\u00f1o 56): comm \\\"kunit_try_catch\\\", pid 1071, jiffies 4294670595 (edad 732.843 s) volcado hexadecimal (primero 32 bytes): 05 00 00 00 00 00 00 00 14 00 00 00 00 00 00 00 ................ 6b 6b 6b 6b 6b 6b 6b 6b 00 00 00 00 6b 6b 6b 6b kkkkkkkk....kkkk retroceso : [] damon_new_region+0x22/0x1c0 [] damon_do_test_apply_tres_regiones.constprop.0+0xd1/0x3e0 [] damon_test_apply_tres_regiones2+0x21e/0x260 [] kunit_generic_run_threadfn_adapter+0x4a/0x90 [] kthread+0x2b6/0x380 [] ret_from_fork+0x2d/0x70 [\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/45120b15743fa7c0aa53d5db6dfb4c8f87be4abd\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/6b522001693aa113d97a985abc5f6932972e8e86\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/9a4fe81a8644b717d57d81ce5849e16583b13fe8\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...
  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.