Linux Kernel Memory Leak Vulnerability in Capabilities Handling

Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's capabilities management, specifically within the 'cap_inode_getsecurity()' function. The function uses 'vfs_getxattr_alloc()' to allocate memory for an attribute buffer. If the allocation succeeds but the corresponding handler function then fails, the allocated buffer is not freed, and the memory leaks. The fix modifies the error handling so that the allocated memory is released in that case.
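The error-path pattern described above, modelled in userspace C as an added example; it is not the kernel's code or the actual patch. Every function name is a hypothetical stand-in, and the failing handler is simulated with a constructed -EIO return.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
/* Userspace model; every name is a hypothetical stand-in, not kernel code. */
#define BUF_LEN 16
static int live_allocs; /* buffers allocated and not yet freed */
static void *model_alloc(size_t n) { void *p = calloc(1, n); if (p) live_allocs++; return p; }
static void model_free(void *p) { if (p) { live_allocs--; free(p); } }

/* Allocating getter; 'fail' is a constructed switch for a failing handler. */
static int model_getxattr_alloc(char **out, int fail)
{
    *out = model_alloc(BUF_LEN);
    if (!*out)
        return -ENOMEM;
    return fail ? -EIO : BUF_LEN; /* on -EIO, *out stays allocated */
}

static int getsecurity_leaky(int fail)
{
    char *tmp = NULL;
    int ret = model_getxattr_alloc(&tmp, fail);
    if (ret < 0)
        return ret; /* leak: tmp was allocated before the handler failed */
    model_free(tmp);
    return ret;
}

static int getsecurity_fixed(int fail)
{
    char *tmp = NULL;
    int ret = model_getxattr_alloc(&tmp, fail);
    model_free(tmp); /* released on success and on every error path */
    return ret;
}

/* Outstanding allocations after n calls in which the handler fails. */
static int leaked_after(int (*fn)(int), int n)
{
    for (live_allocs = 0; n > 0; n--)
        fn(1);
    return live_allocs;
}

int main(void)
{
    printf("leaky: %d\n", leaked_after(getsecurity_leaky, 1000));
    printf("fixed: %d\n", leaked_after(getsecurity_fixed, 1000));
    return 0;
}
```

Both variants return the same error code to the caller, so the leak is invisible from return values alone; only the outstanding-allocation count shows the difference.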

Impact

Exploitation of this vulnerability could leak memory that is allocated but never freed, potentially causing increased memory usage and degradation of system performance over time.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 5.3
remediation: 0.0
relevance: 0.0
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.