[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-56613":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":78,"related":79,"reserved_at":9,"published_at":97,"modified_at":98,"state":99,"summary":100,"references_raw":109,"kevs":124,"epss":125,"epss_history":128,"metrics":394,"affected":402},"CVE-2024-56613","In the Linux kernel, the following vulnerability has been resolved:\n\nsched/numa: fix memory leak due to the overwritten vma->numab_state\n\n[Problem Description]\nWhen running the hackbench program of LTP, the following memory leak is\nreported by kmemleak.\n\n  # /opt/ltp/testcases/bin/hackbench 20 thread 1000\n  Running with 20*40 (== 800) tasks.\n\n  # dmesg | grep kmemleak\n  ...\n  kmemleak: 480 new suspected memory leaks (see /sys/kernel/debug/kmemleak)\n  kmemleak: 665 new suspected memory leaks (see /sys/kernel/debug/kmemleak)\n\n  # cat /sys/kernel/debug/kmemleak\n  unreferenced object 0xffff888cd8ca2c40 (size 64):\n    comm \"hackbench\", pid 17142, jiffies 4299780315\n    hex dump (first 32 bytes):\n      ac 74 49 00 01 00 00 00 4c 84 49 00 01 00 00 00  .tI.....L.I.....\n      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................\n    backtrace (crc bff18fd4):\n      [\u003Cffffffff81419a89>] __kmalloc_cache_noprof+0x2f9/0x3f0\n      [\u003Cffffffff8113f715>] task_numa_work+0x725/0xa00\n      [\u003Cffffffff8110f878>] task_work_run+0x58/0x90\n      [\u003Cffffffff81ddd9f8>] syscall_exit_to_user_mode+0x1c8/0x1e0\n      [\u003Cffffffff81dd78d5>] do_syscall_64+0x85/0x150\n      [\u003Cffffffff81e0012b>] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n  ...\n\nThis issue can be consistently reproduced on three different servers:\n  * a 448-core server\n  * a 256-core server\n  * a 192-core server\n\n[Root Cause]\nSince multiple threads are created by the hackbench program (along with\nthe command argument 'thread'), a shared vma might be accessed by two or\nmore cores simultaneously. When two or more cores observe that\nvma->numab_state is NULL at the same time, vma->numab_state will be\noverwritten.\n\nAlthough current code ensures that only one thread scans the VMAs in a\nsingle 'numa_scan_period', there might be a chance for another thread\nto enter in the next 'numa_scan_period' while we have not gotten till\nnumab_state allocation [1].\n\nNote that the command `/opt/ltp/testcases/bin/hackbench 50 process 1000`\ncannot the reproduce the issue. It is verified with 200+ test runs.\n\n[Solution]\nUse the cmpxchg atomic operation to ensure that only one thread executes\nthe vma->numab_state assignment.\n\n[1] https://lore.kernel.org/lkml/1794be3c-358c-4cdc-a43d-a1f841d91ef7@amd.com/",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-401","Missing Release of Memory after Effective Lifetime","The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.","weakness","Draft","Variant","Medium",[],[],[],[],[24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76],{"_key":25},"SUSE-SU-2025:02923-1",{"_key":27},"SUSE-SU-2025:02249-1",{"_key":29},"SUSE-SU-2025:02538-1",{"_key":31},"SUSE-SU-2025:02254-1",{"_key":33},"SUSE-SU-2025:02307-1",{"_key":35},"SUSE-SU-2025:02333-1",{"_key":37},"SUSE-SU-2025:20475-1",{"_key":39},"SUSE-SU-2025:20483-1",{"_key":41},"SUSE-SU-2025:20493-1",{"_key":43},"SUSE-SU-2025:20498-1",{"_key":45},"SUSE-SU-2025:02335-1",{"_key":47},"MGASA-2025-0030",{"_key":49},"MGASA-2025-0032",{"_key":51},"UBUNTU-CVE-2024-56613",{"_key":53},"DEBIAN-CVE-2024-56613",{"_key":55},"USN-7379-1",{"_key":57},"USN-7381-1",{"_key":59},"USN-7382-1",{"_key":61},"USN-7449-1",{"_key":63},"USN-7449-2",{"_key":65},"USN-7450-1",{"_key":67},"USN-7451-1",{"_key":69},"USN-7452-1",{"_key":71},"USN-7453-1",{"_key":73},"USN-7468-1",{"_key":75},"USN-7523-1",{"_key":77},"USN-7524-1",[],[80,81,83,85,86,87,88,89,90,91,92,93,94,95,96],{"_key":25},{"_key":82},"USN-7379-2",{"_key":84},"USN-7380-1",{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},"2024-12-27T14:51:18.068Z","2026-05-11T20:55:51.104Z","Modified",{"cisa_kev":101,"cisa_ransomware":101,"cisa_vendor":9,"epss_severity":102,"epss_score":103,"severity":104,"severity_score":105,"severity_version":106,"severity_source":107,"severity_vector":108,"severity_status":99},false,"low",0.00017,"medium",5.5,"v3.1","cve.org","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",[110,116,120],{"url":111,"sources":112,"tags":114},"https://git.kernel.org/stable/c/8f149bcc4d91ac92b32ff4949b291e6ed883dc42",[107,113],"nvd",[115],"Patch",{"url":117,"sources":118,"tags":119},"https://git.kernel.org/stable/c/a71ddd5b87cda687efa28e049e85e923689bcef9",[107,113],[115],{"url":121,"sources":122,"tags":123},"https://git.kernel.org/stable/c/5f1b64e9a9b7ee9cfd32c6b2fab796e29bfed075",[107,113],[115],[],{"date":126,"score":103,"percentile":127},"2026-06-03",0.04272,[129,133,136,139,142,145,148,151,154,157,160,163,166,169,172,176,179,182,185,188,191,194,197,200,202,205,208,211,214,217,220,223,226,229,232,235,238,241,244,247,250,253,256,259,262,265,268,271,274,277,280,283,286,289,291,294,297,300,303,306,309,312,315,318,321,324,327,329,332,335,338,341,344,346,348,350,353,356,359,362,365,368,371,374,377,380,383,385,388,391],{"date":130,"score":131,"percentile":132},"2025-11-04",0.0003,0.0734,{"date":134,"score":131,"percentile":135},"2025-11-05",0.07378,{"date":137,"score":131,"percentile":138},"2025-11-06",0.07492,{"date":140,"score":131,"percentile":141},"2025-11-07",0.07516,{"date":143,"score":131,"percentile":144},"2025-11-08",0.0752,{"date":146,"score":131,"percentile":147},"2025-11-09",0.07489,{"date":149,"score":131,"percentile":150},"2025-11-10",0.07448,{"date":152,"score":131,"percentile":153},"2025-11-11",0.0744,{"date":155,"score":131,"percentile":156},"2025-11-12",0.07406,{"date":158,"score":131,"percentile":159},"2025-11-13",0.07435,{"date":161,"score":131,"percentile":162},"2025-11-14",0.07482,{"date":164,"score":131,"percentile":165},"2025-11-15",0.07528,{"date":167,"score":131,"percentile":168},"2025-11-16",0.07537,{"date":170,"score":131,"percentile":171},"2025-11-17",0.07532,{"date":173,"score":174,"percentile":175},"2025-11-18",0.00055,0.12817,{"date":177,"score":174,"percentile":178},"2025-11-19",0.12836,{"date":180,"score":174,"percentile":181},"2025-11-20",0.1285,{"date":183,"score":131,"percentile":184},"2025-11-21",0.07653,{"date":186,"score":131,"percentile":187},"2025-11-22",0.07656,{"date":189,"score":131,"percentile":190},"2025-11-23",0.0765,{"date":192,"score":131,"percentile":193},"2025-11-24",0.07638,{"date":195,"score":131,"percentile":196},"2025-11-25",0.07636,{"date":198,"score":131,"percentile":199},"2025-11-26",0.07643,{"date":201,"score":131,"percentile":199},"2025-11-27",{"date":203,"score":131,"percentile":204},"2025-11-28",0.07632,{"date":206,"score":131,"percentile":207},"2025-11-29",0.07666,{"date":209,"score":131,"percentile":210},"2025-11-30",0.07661,{"date":212,"score":131,"percentile":213},"2025-12-01",0.07694,{"date":215,"score":131,"percentile":216},"2025-12-02",0.0771,{"date":218,"score":131,"percentile":219},"2025-12-03",0.0773,{"date":221,"score":131,"percentile":222},"2025-12-04",0.07708,{"date":224,"score":131,"percentile":225},"2025-12-05",0.07735,{"date":227,"score":131,"percentile":228},"2025-12-06",0.07747,{"date":230,"score":131,"percentile":231},"2025-12-07",0.0775,{"date":233,"score":131,"percentile":234},"2025-12-08",0.07749,{"date":236,"score":131,"percentile":237},"2025-12-09",0.07801,{"date":239,"score":131,"percentile":240},"2025-12-10",0.0787,{"date":242,"score":131,"percentile":243},"2025-12-11",0.07925,{"date":245,"score":131,"percentile":246},"2025-12-12",0.07938,{"date":248,"score":131,"percentile":249},"2025-12-13",0.07903,{"date":251,"score":131,"percentile":252},"2025-12-14",0.07886,{"date":254,"score":131,"percentile":255},"2025-12-15",0.0783,{"date":257,"score":131,"percentile":258},"2025-12-16",0.07861,{"date":260,"score":131,"percentile":261},"2025-12-17",0.07941,{"date":263,"score":131,"percentile":264},"2025-12-18",0.08002,{"date":266,"score":131,"percentile":267},"2025-12-19",0.0799,{"date":269,"score":131,"percentile":270},"2025-12-20",0.07976,{"date":272,"score":131,"percentile":273},"2025-12-21",0.07947,{"date":275,"score":131,"percentile":276},"2025-12-22",0.07902,{"date":278,"score":131,"percentile":279},"2025-12-23",0.07912,{"date":281,"score":131,"percentile":282},"2025-12-24",0.07931,{"date":284,"score":131,"percentile":285},"2025-12-25",0.08005,{"date":287,"score":131,"percentile":288},"2025-12-26",0.08014,{"date":290,"score":131,"percentile":285},"2025-12-27",{"date":292,"score":131,"percentile":293},"2025-12-28",0.08008,{"date":295,"score":131,"percentile":296},"2025-12-29",0.07988,{"date":298,"score":131,"percentile":299},"2025-12-30",0.07964,{"date":301,"score":131,"percentile":302},"2025-12-31",0.07996,{"date":304,"score":131,"percentile":305},"2026-01-01",0.08064,{"date":307,"score":131,"percentile":308},"2026-01-02",0.08066,{"date":310,"score":131,"percentile":311},"2026-01-03",0.08065,{"date":313,"score":131,"percentile":314},"2026-01-04",0.08,{"date":316,"score":131,"percentile":317},"2026-01-05",0.07949,{"date":319,"score":131,"percentile":320},"2026-01-06",0.07937,{"date":322,"score":131,"percentile":323},"2026-01-07",0.07971,{"date":325,"score":131,"percentile":326},"2026-01-08",0.08049,{"date":328,"score":131,"percentile":305},"2026-01-09",{"date":330,"score":131,"percentile":331},"2026-01-10",0.08081,{"date":333,"score":131,"percentile":334},"2026-01-11",0.08068,{"date":336,"score":131,"percentile":337},"2026-01-12",0.08045,{"date":339,"score":131,"percentile":340},"2026-01-13",0.08016,{"date":342,"score":131,"percentile":343},"2026-01-14",0.08046,{"date":345,"score":131,"percentile":343},"2026-01-15",{"date":347,"score":131,"percentile":334},"2026-01-16",{"date":349,"score":131,"percentile":331},"2026-01-17",{"date":351,"score":131,"percentile":352},"2026-01-18",0.08058,{"date":354,"score":131,"percentile":355},"2026-01-19",0.08017,{"date":357,"score":131,"percentile":358},"2026-01-20",0.07975,{"date":360,"score":131,"percentile":361},"2026-01-21",0.0796,{"date":363,"score":131,"percentile":364},"2026-01-22",0.07944,{"date":366,"score":131,"percentile":367},"2026-01-23",0.08037,{"date":369,"score":131,"percentile":370},"2026-01-24",0.08092,{"date":372,"score":131,"percentile":373},"2026-01-25",0.08069,{"date":375,"score":131,"percentile":376},"2026-01-26",0.0803,{"date":378,"score":131,"percentile":379},"2026-01-27",0.08018,{"date":381,"score":131,"percentile":382},"2026-01-28",0.07985,{"date":384,"score":131,"percentile":299},"2026-01-29",{"date":386,"score":131,"percentile":387},"2026-01-30",0.07981,{"date":389,"score":131,"percentile":390},"2026-01-31",0.08003,{"date":392,"score":131,"percentile":393},"2026-02-01",0.08024,[395,400],{"source":107,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":396,"cvss_v4_0":9},{"baseScore":105,"baseSeverity":397,"vectorString":108,"impactScore":398,"exploitabilityScore":399},"MEDIUM",6,4.6,{"source":113,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":401,"cvss_v4_0":9},{"baseScore":105,"baseSeverity":397,"vectorString":108,"impactScore":398,"exploitabilityScore":399},[403,423],{"ecosystem":9,"name":404,"vendor":405,"product":405,"cpe_part":406,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":407},"Linux","linux","a",[408,415,418,421],{"version":409,"is_range":410,"range_type":107,"version_start":411,"version_start_type":412,"version_end":413,"version_end_type":414,"fixed_in":9},">= ef6a22b70f6d90449a5c797b8968a682824e2011, \u003C 8f149bcc4d91ac92b32ff4949b291e6ed883dc42",true,"ef6a22b70f6d90449a5c797b8968a682824e2011","including","8f149bcc4d91ac92b32ff4949b291e6ed883dc42","excluding",{"version":416,"is_range":410,"range_type":107,"version_start":411,"version_start_type":412,"version_end":417,"version_end_type":414,"fixed_in":9},">= ef6a22b70f6d90449a5c797b8968a682824e2011, \u003C a71ddd5b87cda687efa28e049e85e923689bcef9","a71ddd5b87cda687efa28e049e85e923689bcef9",{"version":419,"is_range":410,"range_type":107,"version_start":411,"version_start_type":412,"version_end":420,"version_end_type":414,"fixed_in":9},">= ef6a22b70f6d90449a5c797b8968a682824e2011, \u003C 5f1b64e9a9b7ee9cfd32c6b2fab796e29bfed075","5f1b64e9a9b7ee9cfd32c6b2fab796e29bfed075",{"version":422,"is_range":101,"range_type":107,"version_start":422,"version_start_type":412,"version_end":422,"version_end_type":412,"fixed_in":9},"6.4",{"ecosystem":9,"name":424,"vendor":405,"product":425,"cpe_part":426,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":427},"linux kernel","linux_kernel","o",[428,432,436],{"version":429,"is_range":410,"range_type":430,"version_start":422,"version_start_type":412,"version_end":431,"version_end_type":414,"fixed_in":9},"gte6.4_lt6.6.66","cpe","6.6.66",{"version":433,"is_range":410,"range_type":430,"version_start":434,"version_start_type":412,"version_end":435,"version_end_type":414,"fixed_in":9},"gte6.7_lt6.12.5","6.7","6.12.5",{"version":437,"is_range":101,"range_type":430,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.13:rc1"]