CVE-2024-53077

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Nov 19, 2024
Updated: Nov 25, 2024
CWE ID 401

Summary

CVE-2024-53077 is a vulnerability affecting the Linux kernel that has been addressed. The issue lies within the rpcrdma component, where the rpcrdma_device's xa_array was not properly released. Dai discovered that the xa_init_flags() in rpcrdma_add_one() lacked a corresponding xa_destroy() function to free the underlying memory accumulated during operation. This oversight could lead to memory leaks and potential system instability. The vulnerability has been rectified in the latest kernel updates.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share