CVE-2024-41025

medium

Description

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix memory leak in audio daemon attach operation Audio PD daemon send the name as part of the init IOCTL call. This name needs to be copied to kernel for which memory is allocated. This memory is never freed which might result in memory leak. Free the memory when it is not needed.

References

https://git.kernel.org/stable/c/dbf4c31c9b039fd9734da156036492a2a7f78f64

https://git.kernel.org/stable/c/ad0bd973a033003ca578c42a760d1dc77aeea15e

https://git.kernel.org/stable/c/8b8b82dcf393ceaca8c88939338fd4c30b5b11b2

Details

Source: Mitre, NVD

Published: 2024-07-29

Updated: 2024-07-29

Risk Information

CVSS v2

Base Score: 3.2

Vector: CVSS2#AV:L/AC:L/Au:S/C:P/I:N/A:P

Severity: Low

CVSS v3

Base Score: 4.4

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

Severity: Medium