{"uuid": "e088e791-79fa-4217-94a3-da6c083c98af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47755", "type": "seen", "source": "https://t.me/cvedetector/8490", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47755 - Linux NVDIMM Memory Leak Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-47755 \nPublished : Oct. 21, 2024, 1:15 p.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nnvdimm: Fix devs leaks in scan_labels()  \n  \nscan_labels() leaks memory when label scanning fails and it falls back  \nto just creating a default \"seed\" namespace for userspace to configure.  \nRoot can force the kernel to leak memory.  \n  \nAllocate the minimum resources unconditionally and release them when  \nunneeded to avoid the memory leak.  \n  \nA kmemleak reports:  \nunreferenced object 0xffff88800dda1980 (size 16):  \n  comm \"kworker/u10:5\", pid 69, jiffies 4294671781  \n  hex dump (first 16 bytes):  \n    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................  \n  backtrace (crc 0):  \n    [<00000000c5dea560] __kmalloc+0x32c/0x470  \n    [<000000009ed43c83] nd_region_register_namespaces+0x6fb/0x1120 [libnvdimm]  \n    [<000000000e07a65c] nd_region_probe+0xfe/0x210 [libnvdimm]  \n    [<000000007b79ce5f] nvdimm_bus_probe+0x7a/0x1e0 [libnvdimm]  \n    [<00000000a5f3da2e] really_probe+0xc6/0x390  \n    [<00000000129e2a69] __driver_probe_device+0x78/0x150  \n    [<000000002dfed28b] driver_probe_device+0x1e/0x90  \n    [<00000000e7048de2] __device_attach_driver+0x85/0x110  \n    [<0000000032dca295] bus_for_each_drv+0x85/0xe0  \n    [<00000000391c5a7d] __device_attach+0xbe/0x1e0  \n    [<0000000026dabec0] bus_probe_device+0x94/0xb0  \n    [<00000000c590d936] device_add+0x656/0x870  \n    [<000000003d69bfaa] nd_async_device_register+0xe/0x50 [libnvdimm]  \n    [<000000003f4c52a4] async_run_entry_fn+0x2e/0x110  \n    [<00000000e201f4b0] process_one_work+0x1ee/0x600  \n    [<000000006d90d5a9] worker_thread+0x183/0x350 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-21T16:01:02.000000Z"}