CVE-2024-43888

UNKNOWN 0.0

mm: list_lru: fix UAF for memory cgroup

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: mm: list_lru: fix UAF for memory cgroup The mem_cgroup_from_slab_obj() is supposed to be called under rcu lock or cgroup_mutex or others which could prevent returned memcg from being freed. Fix it by adding missing rcu read lock. Found by code inspection. [[email protected]: only grab rcu lock when necessary, per Vlastimil]

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Aug 26, 2024
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

0a97c01cd20bb96359d8c9dedad92a061ed34e0b < 4589f77c18dd98b65f45617b6d1e95313cf6fcab 0a97c01cd20bb96359d8c9dedad92a061ed34e0b < 5161b48712dcd08ec427c450399d4d1483e21dea

Linux / Linux

6.8

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/4589f77c18dd98b65f45617b6d1e95313cf6fcab git.kernel.org: https://git.kernel.org/stable/c/5161b48712dcd08ec427c450399d4d1483e21dea