CVE-2024-53049

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-53049
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-53049.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-53049
Downstream
Related
Published
2024-11-19T17:19:35Z
Modified
2025-10-14T20:09:59.468518Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
slub/kunit: fix a WARNING due to unwrapped __kmalloc_cache_noprof
Details

In the Linux kernel, the following vulnerability has been resolved:

slub/kunit: fix a WARNING due to unwrapped _kmalloccache_noprof

'modprobe slubkunit' will have a warning as shown below. The root cause is that _kmalloccachenoprof was directly used, which resulted in no alloctag being allocated. This caused current->alloctag to be null, leading to a warning in alloctagadd_check.

Let's add an allochook layer to _kmalloccachenoprof specifically within lib/slub_kunit.c, which is the only user of this internal slub function outside kmalloc implementation itself.

[58162.947016] WARNING: CPU: 2 PID: 6210 at ./include/linux/alloctag.h:125 alloctaggingslaballochook+0x268/0x27c [58162.957721] Call trace: [58162.957919] alloctaggingslaballochook+0x268/0x27c [58162.958286] _kmalloccachenoprof+0x14c/0x344 [58162.958615] testkmallocredzoneaccess+0x50/0x10c [slubkunit] [58162.959045] kunittryruncase+0x74/0x184 [kunit] [58162.959401] kunitgenericrunthreadfnadapter+0x2c/0x4c [kunit] [58162.959841] kthread+0x10c/0x118 [58162.960093] retfrom_fork+0x10/0x20 [58162.960363] ---[ end trace 0000000000000000 ]---

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
a0a44d9175b349df2462089140fb7f292100bd7c
Fixed
79aea7dfd98fbbf282d1408fc21849fc9a677768
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
a0a44d9175b349df2462089140fb7f292100bd7c
Fixed
2b059d0d1e624adc6e69a754bc48057f8bf459dc

Affected versions

v6.*

v6.10
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.11.1
v6.11.2
v6.11.3
v6.11.4
v6.11.5
v6.11.6
v6.12-rc1
v6.12-rc2

Database specific 

{
    "vanir_signatures": [
        {
            "signature_version": "v1",
            "target": {
                "function": "test_kmalloc_redzone_access",
                "file": "lib/slub_kunit.c"
            },
            "signature_type": "Function",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2b059d0d1e624adc6e69a754bc48057f8bf459dc",
            "deprecated": false,
            "digest": {
                "length": 390.0,
                "function_hash": "72604978824882381178841086026749672208"
            },
            "id": "CVE-2024-53049-579b356f"
        },
        {
            "signature_version": "v1",
            "target": {
                "file": "lib/slub_kunit.c"
            },
            "signature_type": "Line",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@79aea7dfd98fbbf282d1408fc21849fc9a677768",
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "161927067797422163935970591223926130915",
                    "212169536777444191654391865145566073729",
                    "49062748030069358877335915963493064821",
                    "126954054711649547935167170897633163313"
                ],
                "threshold": 0.9
            },
            "id": "CVE-2024-53049-6bc76673"
        },
        {
            "signature_version": "v1",
            "target": {
                "file": "lib/slub_kunit.c"
            },
            "signature_type": "Line",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2b059d0d1e624adc6e69a754bc48057f8bf459dc",
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "161927067797422163935970591223926130915",
                    "212169536777444191654391865145566073729",
                    "49062748030069358877335915963493064821",
                    "126954054711649547935167170897633163313"
                ],
                "threshold": 0.9
            },
            "id": "CVE-2024-53049-6bd0d801"
        },
        {
            "signature_version": "v1",
            "target": {
                "function": "test_kmalloc_redzone_access",
                "file": "lib/slub_kunit.c"
            },
            "signature_type": "Function",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@79aea7dfd98fbbf282d1408fc21849fc9a677768",
            "deprecated": false,
            "digest": {
                "length": 390.0,
                "function_hash": "72604978824882381178841086026749672208"
            },
            "id": "CVE-2024-53049-ca75d541"
        }
    ]
}

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.11.0
Fixed
6.11.7