CVE-2024-14027

In the Linux kernel, the following vulnerability has been resolved:

fs/xattr: missing fdput() in fremovexattr error path

In the Linux kernel, the fremovexattr() syscall calls fdget() to acquire a file reference but returns early without calling fdput() when strncpy_from_user() fails on the name argument. In multi-threaded processes where fdget() takes the slow path, this permanently leaks one file reference per call, pinning the struct file and associated kernel objects in memory. An unprivileged local user can exploit this to cause kernel memory exhaustion.

The issue was inadvertently fixed by commit a71874379ec8 ("xattr: switch to CLASS(fd)").
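The defect class here is a reference acquired on entry and not released on an error exit. The following is an added illustration, not kernel code and not the fix referenced above: it models fdget()/fdput() as a counter on a single constructed file object (model_fdget, model_fdput, model_file and copy_name are all stand-ins), shows the leaky early-return shape beside a conventional single-exit shape, and counts how many references remain pinned after a burst of failing calls. The real fix (commit a71874379ec8, "xattr: switch to CLASS(fd)") uses a scope-based guard rather than the goto used here.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the kernel's struct file: only the reference
 * count matters for this model. */
struct model_file { int refcount; };

static struct model_file g_file = { .refcount = 1 };

/* Stand-in for fdget() on the slow path (multi-threaded process), where a
 * real reference is taken and must later be dropped with fdput(). */
static struct model_file *model_fdget(void) { g_file.refcount++; return &g_file; }
static void model_fdput(struct model_file *f) { f->refcount--; }

/* Stand-in for strncpy_from_user(): fails on an unreadable (NULL) pointer
 * or on a name that does not fit the kernel buffer. Error values are
 * chosen for illustration only. */
static int copy_name(const char *user_name, char *kbuf, size_t len)
{
    if (user_name == NULL)
        return -EFAULT;
    size_t n = strnlen(user_name, len);
    if (n >= len)
        return -ERANGE;
    memcpy(kbuf, user_name, n + 1);
    return 0;
}

/* Leaky shape, as described in the advisory: the early return on a copy
 * failure skips the fdput(), so the reference taken above is never dropped. */
static int fremovexattr_leaky(const char *user_name)
{
    char kname[16];
    struct model_file *f = model_fdget();
    int err = copy_name(user_name, kname, sizeof kname);
    if (err)
        return err;          /* reference leaked on this path */
    /* ... xattr removal would happen here ... */
    model_fdput(f);
    return 0;
}

/* Corrected shape: every exit path goes through the single release point. */
static int fremovexattr_fixed(const char *user_name)
{
    char kname[16];
    struct model_file *f = model_fdget();
    int err = copy_name(user_name, kname, sizeof kname);
    if (err)
        goto out;
    /* ... xattr removal would happen here ... */
out:
    model_fdput(f);
    return err;
}

/* Drive `calls` failing invocations of `fn` (a NULL name forces the copy
 * failure path) and return how many references are still held afterwards.
 * A correct implementation returns 0; the leaky one returns `calls`. */
static int leaked_refs_after(int (*fn)(const char *), int calls)
{
    int before = g_file.refcount;
    for (int i = 0; i < calls; i++)
        fn(NULL);
    return g_file.refcount - before;
}

int main(void)
{
    printf("leaky: %d references pinned after 1000 failing calls\n",
           leaked_refs_after(fremovexattr_leaky, 1000));
    printf("fixed: %d references pinned after 1000 failing calls\n",
           leaked_refs_after(fremovexattr_fixed, 1000));
    return 0;
}
```

The model makes the advisory's "one file reference per call" concrete: each failing call to the leaky variant raises the count by exactly one and nothing ever lowers it, which is why the struct file and everything it pins stay resident until the system runs out of memory. Reviewing for this class of bug means checking that every return after an acquire (fdget, mutex_lock, kmalloc, get_user_pages) passes through the matching release.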
Configurations

Configuration 1

OR
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

History

26 Jun 2026, 20:18

Type Values Removed Values Added
CPE
  • Added: cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
CWE
  • Added: CWE-401
CVSS
  • Removed: v2 unknown, v3 unknown
  • Added: v2 unknown, v3 5.5
References
  • Removed: https://git.kernel.org/stable/c/9a3a2ae5efbbcaed37551218abed94e23c537157 (no tag)
  • Added: https://git.kernel.org/stable/c/9a3a2ae5efbbcaed37551218abed94e23c537157 (Patch)
  • Removed: https://git.kernel.org/stable/c/a71874379ec8c6e788a61d71b3ad014a8d9a5c08 (no tag)
  • Added: https://git.kernel.org/stable/c/a71874379ec8c6e788a61d71b3ad014a8d9a5c08 (Patch)
  • Removed: https://git.kernel.org/stable/c/d151b94967c8247005435b63fc60f8f4baa320da (no tag)
  • Added: https://git.kernel.org/stable/c/d151b94967c8247005435b63fc60f8f4baa320da (Patch)
First Time
  • Added: Linux linux Kernel
  • Added: Linux

06 Apr 2026, 08:16

Type Values Removed Values Added
References
  • Removed: https://git.kernel.org/stable/c/5a1e865e51063d6c56f673ec8ad4b6604321b455 (source 416baaa9-dc9f-4396-8d5f-8c081fb06d67)
  • Added: https://git.kernel.org/stable/c/9a3a2ae5efbbcaed37551218abed94e23c537157

02 Apr 2026, 12:16

Type Values Removed Values Added
References
  • Added: https://git.kernel.org/stable/c/5a1e865e51063d6c56f673ec8ad4b6604321b455

13 Mar 2026, 19:53

Type Values Removed Values Added
References
  • Added: https://git.kernel.org/stable/c/d151b94967c8247005435b63fc60f8f4baa320da

11 Mar 2026, 13:53

Type Values Removed Values Added
Summary
  • Added (es, Spanish-language summary, translated here): In the Linux kernel, the following vulnerability has been resolved: fs/xattr: missing fdput() in fremovexattr error path. In the Linux kernel, the fremovexattr() syscall calls fdget() to acquire a file reference but returns early without calling fdput() when strncpy_from_user() fails on the 'name' argument. In multi-threaded processes where fdget() takes the slow path, this permanently leaks one file reference per call, pinning the 'struct file' and the associated kernel objects in memory. An unprivileged local user can exploit this to cause kernel memory exhaustion. The issue was inadvertently fixed by commit a71874379ec8 ('xattr: switch to CLASS(fd)').

09 Mar 2026, 16:16

Type Values Removed Values Added
New CVE

Information

Published : 2026-03-09 16:16

Updated : 2026-06-26 20:18

NVD link : CVE-2024-14027

Mitre link : CVE-2024-14027

CVE.ORG link : CVE-2024-14027


Products Affected

linux

  • linux_kernel

CWE

CWE-401: Missing Release of Memory after Effective Lifetime