{"uuid": "46e37d4f-ae5b-4924-a5d0-f0017d27f304", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44973", "type": "seen", "source": "https://t.me/cvedetector/4837", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44973 - Linux Kernel Slab Allocator Buffer Overflow\", \n  \"Content\": \"CVE ID : CVE-2024-44973 \nPublished : Sept. 4, 2024, 7:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nmm, slub: do not call do_slab_free for kfence object  \n  \nIn 782f8906f805 the freeing of kfence objects was moved from deep  \ninside do_slab_free to the wrapper functions outside. This is a nice  \nchange, but unfortunately it missed one spot in __kmem_cache_free_bulk.  \n  \nThis results in a crash like this:  \n  \nBUG skbuff_head_cache (Tainted: G S  B       E     ): Padding overwritten. 0xffff88907fea0f00-0xffff88907fea0fff @offset=3840  \n  \nslab_err (mm/slub.c:1129)  \nfree_to_partial_list (mm/slub.c:? mm/slub.c:4036)  \nslab_pad_check (mm/slub.c:864 mm/slub.c:1290)  \ncheck_slab (mm/slub.c:?)  \nfree_to_partial_list (mm/slub.c:3171 mm/slub.c:4036)  \nkmem_cache_alloc_bulk (mm/slub.c:? mm/slub.c:4495 mm/slub.c:4586 mm/slub.c:4635)  \nnapi_build_skb (net/core/skbuff.c:348 net/core/skbuff.c:527 net/core/skbuff.c:549)  \n  \nAll the other callers to do_slab_free appear to be ok.  \n  \nAdd a kfence_free check in __kmem_cache_free_bulk to avoid the crash. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T21:56:12.000000Z"}