CVE-2024-53172

ubi: fastmap: Fix duplicate slab cache names while attaching

Description

In the Linux kernel, the following vulnerability has been resolved: ubi: fastmap: Fix duplicate slab cache names while attaching Since commit 4c39529663b9 ("slab: Warn on duplicate cache names when DEBUG_VM=y"), the duplicate slab cache names can be detected and a kernel WARNING is thrown out. In UBI fast attaching process, alloc_ai() could be invoked twice with the same slab cache name 'ubi_aeb_slab_cache', which will trigger following warning messages: kmem_cache of name 'ubi_aeb_slab_cache' already exists WARNING: CPU: 0 PID: 7519 at mm/slab_common.c:107 __kmem_cache_create_args+0x100/0x5f0 Modules linked in: ubi(+) nandsim [last unloaded: nandsim] CPU: 0 UID: 0 PID: 7519 Comm: modprobe Tainted: G 6.12.0-rc2 RIP: 0010:__kmem_cache_create_args+0x100/0x5f0 Call Trace: __kmem_cache_create_args+0x100/0x5f0 alloc_ai+0x295/0x3f0 [ubi] ubi_attach+0x3c3/0xcc0 [ubi] ubi_attach_mtd_dev+0x17cf/0x3fa0 [ubi] ubi_init+0x3fb/0x800 [ubi] do_init_module+0x265/0x7d0 __x64_sys_finit_module+0x7a/0xc0 The problem could be easily reproduced by loading UBI device by fastmap with CONFIG_DEBUG_VM=y. Fix it by using different slab names for alloc_ai() callers.

N/A
CVSS
Severity:
EPSS 0.07%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/ef52b7191ac41e68b1bf070d00c5b04ed16e4920
https://git.kernel.org/stable/c/871c148f8e0c32e505df9393ba4a303c3c3fe988
https://git.kernel.org/stable/c/04c0b0f37617099479c34e207c5550d081f585a6
https://git.kernel.org/stable/c/b1ee0aa4945c49cbbd779da81040fcec4de80fd1
https://git.kernel.org/stable/c/6afdcb285794e75d2c8995e3a44f523c176cc2de
https://git.kernel.org/stable/c/612824dd0c9465ef365ace38b056c663d110956d
https://git.kernel.org/stable/c/3d8558135cd56a2a8052024be4073e160f36658c
https://git.kernel.org/stable/c/7402c4bcb8a3f0d2ef4e687cd45c76be489cf509
https://git.kernel.org/stable/c/bcddf52b7a17adcebc768d26f4e27cf79adb424c

Frequently Asked Questions

What is the severity of CVE-2024-53172?
CVE-2024-53172 has not yet been assigned a CVSS score.
How to fix CVE-2024-53172?
To fix CVE-2024-53172, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-53172 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-53172 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-53172?
CVE-2024-53172 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.