Linux Kernel IMA Potential Memory Leak Vulnerability

Vulnerability

A vulnerability in the Linux kernel's Integrity Measurement Architecture (IMA) could lead to a memory leak. This issue arises in the 'ima_init_crypto()' function, where the initialization process fails to properly allocate the SHA1 transformation. As a result, IMA cannot complete its initialization and exits without freeing the 'ima_algo_array', creating a potential memory leak. The vulnerability has been addressed by adding the missing 'kfree()' function to release the 'ima_algo_array' and prevent the memory leak.

Impact

Exploitation of this vulnerability could lead to a memory leak, causing increased memory usage and potentially allowing for memory exhaustion over time.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel IMA Potential Memory Leak Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating