5.5
MEDIUM
CVE-2024-56741
Linux Kernel AppArmor Memory Leak
Description

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

INFO

Published Date :

Dec. 29, 2024, 12:15 p.m.

Last Modified :

March 3, 2025, 9:15 a.m.

Source :

416baaa9-dc9f-4396-8d5f-8c081fb06d67

Remotely Exploitable :

No

Impact Score :

3.6

Exploitability Score :

1.8
Public PoC/Exploit Available at Github

CVE-2024-56741 has a 1 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2024-56741 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Linux linux_kernel
: Total Affected Vendor : 1 | Products : 1

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Profile Photo
cku-heise/euvd-api-doc

None

Updated: 2 days, 4 hours ago
4 stars 1 fork 1 watcher
Born at : April 16, 2025, 1:43 p.m. This repo has been linked 280 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2024-56741 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2024-56741 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Rejected by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Mar. 03, 2025

    Action Type Old Value New Value
  • CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Mar. 03, 2025

    Action Type Old Value New Value
    Changed Description In the Linux kernel, the following vulnerability has been resolved: apparmor: test: Fix memory leak for aa_unpack_strdup() The string allocated by kmemdup() in aa_unpack_strdup() is not freed and cause following memory leaks, free them to fix it. unreferenced object 0xffffff80c6af8a50 (size 8): comm "kunit_try_catch", pid 225, jiffies 4294894407 hex dump (first 8 bytes): 74 65 73 74 69 6e 67 00 testing. backtrace (crc 5eab668b): [<0000000001e3714d>] kmemleak_alloc+0x34/0x40 [<000000006e6c7776>] __kmalloc_node_track_caller_noprof+0x300/0x3e0 [<000000006870467c>] kmemdup_noprof+0x34/0x60 [<000000001176bb03>] aa_unpack_strdup+0xd0/0x18c [<000000008ecde918>] policy_unpack_test_unpack_strdup_with_null_name+0xf8/0x3ec [<0000000032ef8f77>] kunit_try_run_case+0x13c/0x3ac [<00000000f3edea23>] kunit_generic_run_threadfn_adapter+0x80/0xec [<00000000adf936cf>] kthread+0x2e8/0x374 [<0000000041bb1628>] ret_from_fork+0x10/0x20 unreferenced object 0xffffff80c2a29090 (size 8): comm "kunit_try_catch", pid 227, jiffies 4294894409 hex dump (first 8 bytes): 74 65 73 74 69 6e 67 00 testing. backtrace (crc 5eab668b): [<0000000001e3714d>] kmemleak_alloc+0x34/0x40 [<000000006e6c7776>] __kmalloc_node_track_caller_noprof+0x300/0x3e0 [<000000006870467c>] kmemdup_noprof+0x34/0x60 [<000000001176bb03>] aa_unpack_strdup+0xd0/0x18c [<0000000046a45c1a>] policy_unpack_test_unpack_strdup_with_name+0xd0/0x3c4 [<0000000032ef8f77>] kunit_try_run_case+0x13c/0x3ac [<00000000f3edea23>] kunit_generic_run_threadfn_adapter+0x80/0xec [<00000000adf936cf>] kthread+0x2e8/0x374 [<0000000041bb1628>] ret_from_fork+0x10/0x20 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
    Removed CVSS V3.1 NIST: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
    Removed CWE NIST: CWE-401
    Removed CPE Configuration OR *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.12 from (excluding) 6.12.2 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.7 from (excluding) 6.11.11 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.16 from (excluding) 6.1.120 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.11 from (excluding) 5.15.174 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.2 from (excluding) 6.6.64 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.6 from (excluding) 5.10.231
    Removed Reference kernel.org: https://git.kernel.org/stable/c/2a9b68f2dc6812bd1b8880b5c00e60203d6f61f6
    Removed Reference kernel.org: https://git.kernel.org/stable/c/5354599855a9b5568e05ce686119ee3ff8b19bd5
    Removed Reference kernel.org: https://git.kernel.org/stable/c/59a149e7c38e7b76616c8b333fc6aa5b6fb2293c
    Removed Reference kernel.org: https://git.kernel.org/stable/c/7290f59231910ccba427d441a6e8b8c6f6112448
    Removed Reference kernel.org: https://git.kernel.org/stable/c/89265f88701e54dde255ddf862093baeca57548c
    Removed Reference kernel.org: https://git.kernel.org/stable/c/d62ee5739a66644b0e7f11e657d562458cdcdea3
    Removed Reference kernel.org: https://git.kernel.org/stable/c/f856246ff6da25c4f8fdd73a9c875e878b085e9f
    Removed Reference Type kernel.org: https://git.kernel.org/stable/c/2a9b68f2dc6812bd1b8880b5c00e60203d6f61f6 Types: Patch
    Removed Reference Type kernel.org: https://git.kernel.org/stable/c/5354599855a9b5568e05ce686119ee3ff8b19bd5 Types: Patch
    Removed Reference Type kernel.org: https://git.kernel.org/stable/c/59a149e7c38e7b76616c8b333fc6aa5b6fb2293c Types: Patch
    Removed Reference Type kernel.org: https://git.kernel.org/stable/c/7290f59231910ccba427d441a6e8b8c6f6112448 Types: Patch
    Removed Reference Type kernel.org: https://git.kernel.org/stable/c/89265f88701e54dde255ddf862093baeca57548c Types: Patch
    Removed Reference Type kernel.org: https://git.kernel.org/stable/c/d62ee5739a66644b0e7f11e657d562458cdcdea3 Types: Patch
    Removed Reference Type kernel.org: https://git.kernel.org/stable/c/f856246ff6da25c4f8fdd73a9c875e878b085e9f Types: Patch
  • Initial Analysis by [email protected]

    Jan. 07, 2025

    Action Type Old Value New Value
    Added CVSS V3.1 NIST AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
    Added CWE NIST CWE-401
    Added CPE Configuration OR *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.6 up to (excluding) 5.10.231 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.11 up to (excluding) 5.15.174 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.16 up to (excluding) 6.1.120 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.2 up to (excluding) 6.6.64 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.7 up to (excluding) 6.11.11 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.12 up to (excluding) 6.12.2
    Changed Reference Type https://git.kernel.org/stable/c/2a9b68f2dc6812bd1b8880b5c00e60203d6f61f6 No Types Assigned https://git.kernel.org/stable/c/2a9b68f2dc6812bd1b8880b5c00e60203d6f61f6 Patch
    Changed Reference Type https://git.kernel.org/stable/c/5354599855a9b5568e05ce686119ee3ff8b19bd5 No Types Assigned https://git.kernel.org/stable/c/5354599855a9b5568e05ce686119ee3ff8b19bd5 Patch
    Changed Reference Type https://git.kernel.org/stable/c/59a149e7c38e7b76616c8b333fc6aa5b6fb2293c No Types Assigned https://git.kernel.org/stable/c/59a149e7c38e7b76616c8b333fc6aa5b6fb2293c Patch
    Changed Reference Type https://git.kernel.org/stable/c/7290f59231910ccba427d441a6e8b8c6f6112448 No Types Assigned https://git.kernel.org/stable/c/7290f59231910ccba427d441a6e8b8c6f6112448 Patch
    Changed Reference Type https://git.kernel.org/stable/c/89265f88701e54dde255ddf862093baeca57548c No Types Assigned https://git.kernel.org/stable/c/89265f88701e54dde255ddf862093baeca57548c Patch
    Changed Reference Type https://git.kernel.org/stable/c/d62ee5739a66644b0e7f11e657d562458cdcdea3 No Types Assigned https://git.kernel.org/stable/c/d62ee5739a66644b0e7f11e657d562458cdcdea3 Patch
    Changed Reference Type https://git.kernel.org/stable/c/f856246ff6da25c4f8fdd73a9c875e878b085e9f No Types Assigned https://git.kernel.org/stable/c/f856246ff6da25c4f8fdd73a9c875e878b085e9f Patch
  • New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Dec. 29, 2024

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved: apparmor: test: Fix memory leak for aa_unpack_strdup() The string allocated by kmemdup() in aa_unpack_strdup() is not freed and cause following memory leaks, free them to fix it. unreferenced object 0xffffff80c6af8a50 (size 8): comm "kunit_try_catch", pid 225, jiffies 4294894407 hex dump (first 8 bytes): 74 65 73 74 69 6e 67 00 testing. backtrace (crc 5eab668b): [<0000000001e3714d>] kmemleak_alloc+0x34/0x40 [<000000006e6c7776>] __kmalloc_node_track_caller_noprof+0x300/0x3e0 [<000000006870467c>] kmemdup_noprof+0x34/0x60 [<000000001176bb03>] aa_unpack_strdup+0xd0/0x18c [<000000008ecde918>] policy_unpack_test_unpack_strdup_with_null_name+0xf8/0x3ec [<0000000032ef8f77>] kunit_try_run_case+0x13c/0x3ac [<00000000f3edea23>] kunit_generic_run_threadfn_adapter+0x80/0xec [<00000000adf936cf>] kthread+0x2e8/0x374 [<0000000041bb1628>] ret_from_fork+0x10/0x20 unreferenced object 0xffffff80c2a29090 (size 8): comm "kunit_try_catch", pid 227, jiffies 4294894409 hex dump (first 8 bytes): 74 65 73 74 69 6e 67 00 testing. backtrace (crc 5eab668b): [<0000000001e3714d>] kmemleak_alloc+0x34/0x40 [<000000006e6c7776>] __kmalloc_node_track_caller_noprof+0x300/0x3e0 [<000000006870467c>] kmemdup_noprof+0x34/0x60 [<000000001176bb03>] aa_unpack_strdup+0xd0/0x18c [<0000000046a45c1a>] policy_unpack_test_unpack_strdup_with_name+0xd0/0x3c4 [<0000000032ef8f77>] kunit_try_run_case+0x13c/0x3ac [<00000000f3edea23>] kunit_generic_run_threadfn_adapter+0x80/0xec [<00000000adf936cf>] kthread+0x2e8/0x374 [<0000000041bb1628>] ret_from_fork+0x10/0x20
    Added Reference https://git.kernel.org/stable/c/2a9b68f2dc6812bd1b8880b5c00e60203d6f61f6
    Added Reference https://git.kernel.org/stable/c/5354599855a9b5568e05ce686119ee3ff8b19bd5
    Added Reference https://git.kernel.org/stable/c/59a149e7c38e7b76616c8b333fc6aa5b6fb2293c
    Added Reference https://git.kernel.org/stable/c/7290f59231910ccba427d441a6e8b8c6f6112448
    Added Reference https://git.kernel.org/stable/c/89265f88701e54dde255ddf862093baeca57548c
    Added Reference https://git.kernel.org/stable/c/d62ee5739a66644b0e7f11e657d562458cdcdea3
    Added Reference https://git.kernel.org/stable/c/f856246ff6da25c4f8fdd73a9c875e878b085e9f
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2024-56741 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2024-56741 weaknesses.

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
:
© cvefeed.io
Latest DB Update: Apr. 26, 2025 9:53