{"id":"AZL-40162","summary":"CVE-2024-26900 affecting package kernel for versions less than 5.15.159.1-1","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nmd: fix kmemleak of rdev-\u003eserial\n\nIf kobject_add() is fail in bind_rdev_to_array(), 'rdev-\u003eserial' will be\nalloc not be freed, and kmemleak occurs.\n\nunreferenced object 0xffff88815a350000 (size 49152):\n  comm \"mdadm\", pid 789, jiffies 4294716910\n  hex dump (first 32 bytes):\n    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................\n    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................\n  backtrace (crc f773277a):\n    [\u003c0000000058b0a453\u003e] kmemleak_alloc+0x61/0xe0\n    [\u003c00000000366adf14\u003e] __kmalloc_large_node+0x15e/0x270\n    [\u003c000000002e82961b\u003e] __kmalloc_node.cold+0x11/0x7f\n    [\u003c00000000f206d60a\u003e] kvmalloc_node+0x74/0x150\n    [\u003c0000000034bf3363\u003e] rdev_init_serial+0x67/0x170\n    [\u003c0000000010e08fe9\u003e] mddev_create_serial_pool+0x62/0x220\n    [\u003c00000000c3837bf0\u003e] bind_rdev_to_array+0x2af/0x630\n    [\u003c0000000073c28560\u003e] md_add_new_disk+0x400/0x9f0\n    [\u003c00000000770e30ff\u003e] md_ioctl+0x15bf/0x1c10\n    [\u003c000000006cfab718\u003e] blkdev_ioctl+0x191/0x3f0\n    [\u003c0000000085086a11\u003e] vfs_ioctl+0x22/0x60\n    [\u003c0000000018b656fe\u003e] __x64_sys_ioctl+0xba/0xe0\n    [\u003c00000000e54e675e\u003e] do_syscall_64+0x71/0x150\n    [\u003c000000008b0ad622\u003e] entry_SYSCALL_64_after_hwframe+0x6c/0x74","modified":"2026-04-01T05:13:33.652799Z","published":"2024-04-17T11:15:10Z","upstream":["CVE-2024-26900"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-26900"}],"affected":[{"package":{"name":"kernel","ecosystem":"Azure Linux:2","purl":"pkg:rpm/azure-linux/kernel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.15.159.1-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-40162.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}