CVE-2024-41025

misc: fastrpc: Fix memory leak in audio daemon attach operation

EPSS 0.3%

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

29 Jul 2024Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix memory leak in audio daemon attach operation Audio PD daemon send the name as part of the init IOCTL call. This name needs to be copied to kernel for which memory is allocated. This memory is never freed which might result in memory leak. Free the memory when it is not needed.

Affected products

Linux · Linux

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://git.kernel.org/stable/c/8b8b82dcf393ceaca8c88939338fd4c30b5b11b2 https://git.kernel.org/stable/c/ad0bd973a033003ca578c42a760d1dc77aeea15e https://git.kernel.org/stable/c/dbf4c31c9b039fd9734da156036492a2a7f78f64