CVE-2024-50165

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-50165
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-50165.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-50165
Downstream
Related
Published
2024-11-07T09:31:41.923Z
Modified
2025-11-20T06:22:42.313515Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
bpf: Preserve param->string when parsing mount options
Details

In the Linux kernel, the following vulnerability has been resolved:

bpf: Preserve param->string when parsing mount options

In bpfparseparam(), keep the value of param->string intact so it can be freed later. Otherwise, the kmalloc area pointed to by param->string will be leaked as shown below:

unreferenced object 0xffff888118c46d20 (size 8): comm "newname", pid 12109, jiffies 4295580214 hex dump (first 8 bytes): 61 6e 79 00 38 c9 5c 7e any.8.\~ backtrace (crc e1b7f876): [<00000000c6848ac7>] kmemleakalloc+0x4b/0x80 [<00000000de9f7d00>] _kmallocnodetrackcallernoprof+0x36e/0x4a0 [<000000003e29b886>] memdupuser+0x32/0xa0 [<0000000007248326>] strndupuser+0x46/0x60 [<0000000035b3dd29>] _x64sysfsconfig+0x368/0x3d0 [<0000000018657927>] x64syscall+0xff/0x9f0 [<00000000c0cabc95>] dosyscall64+0x3b/0xc0 [<000000002f331597>] entrySYSCALL64afterhwframe+0x4b/0x53

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
6c1752e0b6ca8c7021d6da3926738d8d88f601a9
Fixed
5d7a0a426540319327309035509cb768a2f5c2c4
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
6c1752e0b6ca8c7021d6da3926738d8d88f601a9
Fixed
1f97c03f43fadc407de5b5cb01c07755053e1c22

Affected versions

v6.*

v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.11.1
v6.11.2
v6.11.3
v6.11.4
v6.11.5
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7

Database specific

vanir_signatures

[
    {
        "signature_type": "Function",
        "deprecated": false,
        "digest": {
            "length": 2029.0,
            "function_hash": "72720106357122097708330894878075056874"
        },
        "target": {
            "file": "kernel/bpf/inode.c",
            "function": "bpf_parse_param"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1f97c03f43fadc407de5b5cb01c07755053e1c22",
        "signature_version": "v1",
        "id": "CVE-2024-50165-0405541a"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "digest": {
            "length": 2029.0,
            "function_hash": "72720106357122097708330894878075056874"
        },
        "target": {
            "file": "kernel/bpf/inode.c",
            "function": "bpf_parse_param"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5d7a0a426540319327309035509cb768a2f5c2c4",
        "signature_version": "v1",
        "id": "CVE-2024-50165-66e56bc6"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "297964597982529525630487527046892873429",
                "170673021131199120092723815675384244268",
                "313537075181027156850418458187178311130",
                "183743192806945152643144096882781120487",
                "284696533175987177215166180519421199362",
                "322553553642934167724919496574742915468",
                "176206821943126751552792704945336210172",
                "113012474195467293259247899369182212142"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "kernel/bpf/inode.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1f97c03f43fadc407de5b5cb01c07755053e1c22",
        "signature_version": "v1",
        "id": "CVE-2024-50165-98f573e7"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "297964597982529525630487527046892873429",
                "170673021131199120092723815675384244268",
                "313537075181027156850418458187178311130",
                "183743192806945152643144096882781120487",
                "284696533175987177215166180519421199362",
                "322553553642934167724919496574742915468",
                "176206821943126751552792704945336210172",
                "113012474195467293259247899369182212142"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "kernel/bpf/inode.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5d7a0a426540319327309035509cb768a2f5c2c4",
        "signature_version": "v1",
        "id": "CVE-2024-50165-d0dd56a5"
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.9.0
Fixed
6.11.6