5.5
CVE-2024-41076
- EPSS 0.21%
- Veröffentlicht 29.07.2024 15:15:15
- Zuletzt bearbeitet 03.11.2025 22:17:31
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
NFSv4: Fix memory leak in nfs4_set_security_label
In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix memory leak in nfs4_set_security_label We leak nfs_fattr and nfs4_label every time we set a security xattr.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 6.1.101
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.42
Linux ≫ Linux Kernel Version >= 6.7 < 6.9.11
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.21% | 0.111 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/899604a7c958771840941caff9ee3dd8193d984c
https://git.kernel.org/stable/c/aad11473f8f4be3df86461081ce35ec5b145ba68
https://git.kernel.org/stable/c/b98090699319e64f5de1e8db5bb75870f1eb1c6e
https://git.kernel.org/stable/c/d130220ccc94d74d70da984a199477937e7bf03c
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html