CVE-2024-53065: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved:

mm/slab: fix warning caused by duplicate kmem_cache creation in kmem_buckets_create

Commit b035f5a6d852 ("mm: slab: reduce the kmalloc() minimum alignment if DMA bouncing possible") reduced ARCH_KMALLOC_MINALIGN to 8 on arm64. However, with KASAN_HW_TAGS enabled, arch_slab_minalign() becomes 16. This causes kmalloc_caches[*][8] to be aliased to kmalloc_caches[*][16], resulting in kmem_buckets_create() attempting to create a kmem_cache for size 16 twice.

This duplication triggers warnings on boot:

[ 2.325108] ------------[ cut here ]------------
[ 2.325135] kmem_cache of name 'memdup_user-16' already exists
[ 2.325783] WARNING: CPU: 0 PID: 1 at mm/slab_common.c:107 __kmem_cache_create_args+0xb8/0x3b0
[ 2.327957] Modules linked in:
[ 2.328550] CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.0-rc5mm-unstable-arm64+ #12
[ 2.328683] Hardware name: QEMU QEMU Virtual Machine, BIOS 2024.02-2 03/11/2024
[ 2.328790] pstate: 61000009 (nZCv daif -PAN -UAO -TCO +DIT -SSBS BTYPE=--)
[ 2.328911] pc : __kmem_cache_create_args+0xb8/0x3b0
[ 2.328930] lr : __kmem_cache_create_args+0xb8/0x3b0
[ 2.328942] sp : ffff800083d6fc50
[ 2.328961] x29: ffff800083d6fc50 x28: f2ff0000c1674410 x27: ffff8000820b0598
[ 2.329061] x26: 000000007fffffff x25: 0000000000000010 x24: 0000000000002000
[ 2.329101] x23: ffff800083d6fce8 x22: ffff8000832222e8 x21: ffff800083222388
[ 2.329118] x20: f2ff0000c1674410 x19: f5ff0000c16364c0 x18: ffff800083d80030
[ 2.329135] x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000
[ 2.329152] x14: 0000000000000000 x13: 0a73747369786520 x12: 79646165726c6120
[ 2.329169] x11: 656820747563205b x10: 2d2d2d2d2d2d2d2d x9 : 0000000000000000
[ 2.329194] x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000
[ 2.329210] x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000
[ 2.329226] x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000
[ 2.329291] Call trace:
[ 2.329407] __kmem_cache_create_args+0xb8/0x3b0
[ 2.329499] kmem_buckets_create+0xfc/0x320
[ 2.329526] init_user_buckets+0x34/0x78
[ 2.329540] do_one_initcall+0x64/0x3c8
[ 2.329550] kernel_init_freeable+0x26c/0x578
[ 2.329562] kernel_init+0x3c/0x258
[ 2.329574] ret_from_fork+0x10/0x20
[ 2.329698] ---[ end trace 0000000000000000 ]---
[ 2.403704] ------------[ cut here ]------------
[ 2.404716] kmem_cache of name 'msg_msg-16' already exists
[ 2.404801] WARNING: CPU: 2 PID: 1 at mm/slab_common.c:107 __kmem_cache_create_args+0xb8/0x3b0
[ 2.404842] Modules linked in:
[ 2.404971] CPU: 2 UID: 0 PID: 1 Comm: swapper/0 Tainted: G W 6.12.0-rc5mm-unstable-arm64+ #12
[ 2.405026] Tainted: [W]=WARN
[ 2.405043] Hardware name: QEMU QEMU Virtual Machine, BIOS 2024.02-2 03/11/2024
[ 2.405057] pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 2.405079] pc : __kmem_cache_create_args+0xb8/0x3b0
[ 2.405100] lr : __kmem_cache_create_args+0xb8/0x3b0
[ 2.405111] sp : ffff800083d6fc50
[ 2.405115] x29: ffff800083d6fc50 x28: fbff0000c1674410 x27: ffff8000820b0598
[ 2.405135] x26: 000000000000ffd0 x25: 0000000000000010 x24: 0000000000006000
[ 2.405153] x23: ffff800083d6fce8 x22: ffff8000832222e8 x21: ffff800083222388
[ 2.405169] x20: fbff0000c1674410 x19: fdff0000c163d6c0 x18: ffff800083d80030
[ 2.405185] x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000
[ 2.405201] x14: 0000000000000000 x13: 0a73747369786520 x12: 79646165726c6120
[ 2.405217] x11: 656820747563205b x10: 2d2d2d2d2d2d2d2d x9 : 0000000000000000
[ 2.405233] x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000
[ 2.405248] x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000
[ 2.405271] x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000
[ 2.405287] Call trace:
[ 2 ---truncated---
AI Analysis
Technical Summary
CVE-2024-53065 is a vulnerability in the Linux kernel's memory management subsystem, specifically the slab allocator. It arises from a conflict in the creation of kernel memory caches (kmem_cache) caused by inconsistent minimum alignment values for kmalloc allocations on the arm64 architecture when Kernel Address Sanitizer hardware tags (KASAN_HW_TAGS) are enabled. Commit b035f5a6d852 reduced ARCH_KMALLOC_MINALIGN to 8 bytes on arm64, but with KASAN_HW_TAGS enabled the effective alignment (arch_slab_minalign()) becomes 16 bytes. This discrepancy causes the slab allocator to attempt to create duplicate kmem_cache entries for the same size (16 bytes), triggering warnings and errors during system boot. The kernel logs show repeated warnings that a kmem_cache name already exists, which indicates a duplicate creation attempt.

The problem manifests as warnings and potential instability during the kernel initialization phase, particularly on arm64 platforms with KASAN_HW_TAGS enabled. Although the vulnerability does not appear to cause direct memory corruption or allow privilege escalation, the duplicate cache creation can lead to kernel warnings, potential boot failures, or instability in systems relying on these memory caches. The vulnerability is specific to certain kernel versions and configurations, notably those using the arm64 architecture with KASAN_HW_TAGS enabled. No known exploits are reported in the wild, and no CVSS score has been assigned yet.
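The aliasing described above can be reproduced with a small model. This is an added example, not kernel code and not the upstream patch: the size-class list is an illustrative subset, the "name-size" naming is inferred from the cache names in the quoted warnings, and the reuse_aliased guard is a hypothetical way to avoid the second creation.

```python
# Simplified model of the duplicate creation described above; not kernel code.
KMALLOC_SIZES = [8, 16, 32, 64, 96, 128, 192, 256]  # illustrative subset of size classes


def round_up(size, align):
    """Round size up to the next multiple of align."""
    return -(-size // align) * align


def create_buckets(name, kmalloc_minalign, slab_minalign, reuse_aliased=False):
    """Walk the size classes the way a bucket-creation loop would.

    kmalloc_minalign: smallest size class that exists (ARCH_KMALLOC_MINALIGN).
    slab_minalign:    alignment every slab object really gets (arch_slab_minalign()).
    reuse_aliased:    hypothetical guard: reuse a cache already created for the
                      same backing size instead of creating it a second time.
    Returns (buckets, warnings): size class -> cache name, and warning strings.
    """
    created, buckets, warnings = set(), {}, []
    for size in KMALLOC_SIZES:
        if size < kmalloc_minalign:
            continue  # this size class does not exist on the configuration
        # With slab_minalign 16 the 8-byte class is backed by the 16-byte cache.
        backing = round_up(size, slab_minalign)
        cache_name = f"{name}-{backing}"
        if cache_name in created and not reuse_aliased:
            # Second creation under an existing name: the condition the kernel warns on.
            warnings.append(f"kmem_cache of name '{cache_name}' already exists")
        created.add(cache_name)
        buckets[size] = cache_name
    return buckets, warnings


if __name__ == "__main__":
    cases = [("minalign 8, slab align 8", (8, 8)),
             ("minalign 8, slab align 16 (KASAN_HW_TAGS)", (8, 16)),
             ("same, with reuse guard", (8, 16, True))]
    for label, args in cases:
        _, warnings = create_buckets("memdup_user", *args)
        print(label, "->", warnings or "no warnings")
```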
Potential Impact
For European organizations, the impact of CVE-2024-53065 is primarily related to system stability and reliability rather than direct security breaches such as data leaks or privilege escalations. Organizations running Linux-based systems on arm64 hardware, especially those using kernel builds with KASAN_HW_TAGS enabled (commonly used for debugging and security hardening), may experience boot-time warnings or failures, potentially leading to downtime or degraded performance. This could affect cloud service providers, data centers, and enterprises deploying arm64 servers or embedded devices. While the vulnerability does not currently enable remote exploitation or compromise confidentiality or integrity directly, the instability could disrupt critical services or delay system updates and maintenance. European organizations relying on arm64 Linux servers for production workloads or embedded systems in industrial control, telecommunications, or IoT devices should be aware of this issue to avoid unexpected system behavior. The lack of known exploits reduces immediate risk, but the potential for operational disruption warrants attention.
Mitigation Recommendations
To mitigate CVE-2024-53065, European organizations should:
1) Apply the official Linux kernel patches that address the duplicate kmem_cache creation issue as soon as they become available from trusted kernel maintainers or distributions.
2) Avoid enabling KASAN_HW_TAGS in production environments unless necessary for debugging, as this configuration triggers the vulnerability.
3) For systems requiring KASAN_HW_TAGS, test kernel updates in controlled environments before deployment to detect and resolve boot-time warnings or failures.
4) Monitor kernel boot logs for warnings related to kmem_cache duplication to identify affected systems proactively.
5) Coordinate with hardware vendors and Linux distribution maintainers to ensure timely updates for arm64 platforms.
6) Implement robust rollback procedures to revert kernel updates if instability occurs.
7) Consider using alternative debugging or memory sanitization tools that do not cause this alignment conflict until a stable fix is confirmed.
These steps go beyond generic advice by focusing on configuration management, proactive monitoring, and controlled deployment strategies tailored to the specific nature of this kernel vulnerability.
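For step 4, the following added example (not from the advisory or the kernel project) scans kernel log text for the duplicate-cache warning and checks whether its call trace passes through kmem_buckets_create(), as in the trace quoted in the description. The sample log is constructed: the first warning is abridged from the page's excerpt, the second uses a hypothetical module to show a non-matching path.

```python
import re

DUP_RE = re.compile(r"kmem_cache of name '([^']+)' already exists")
# A call-trace frame: timestamp bracket, then symbol+0xoff/0xsize at end of line.
FRAME_RE = re.compile(r"\]\s+([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+\s*$")
END_RE = re.compile(r"---\[ end trace")


def find_duplicate_cache_warnings(log_text):
    """Return one record per duplicate-cache warning with its call-trace symbols."""
    findings, current = [], None
    for line in log_text.splitlines():
        dup = DUP_RE.search(line)
        if dup:
            current = {"cache": dup.group(1), "frames": []}
            findings.append(current)
        elif current is not None:
            if END_RE.search(line):
                current = None  # trace finished; a truncated log simply ends here
            else:
                frame = FRAME_RE.search(line)
                if frame:
                    current["frames"].append(frame.group(1))
    for rec in findings:
        # The page's trace reaches the warning through kmem_buckets_create().
        rec["matches_cve_path"] = "kmem_buckets_create" in rec["frames"]
    return findings


# Constructed sample: first warning abridged from the trace quoted on this page,
# second one invented (hypothetical module) to show a non-matching call path.
SAMPLE_LOG = """\
[ 2.325108] ------------[ cut here ]------------
[ 2.325135] kmem_cache of name 'memdup_user-16' already exists
[ 2.325783] WARNING: CPU: 0 PID: 1 at mm/slab_common.c:107 __kmem_cache_create_args+0xb8/0x3b0
[ 2.328911] pc : __kmem_cache_create_args+0xb8/0x3b0
[ 2.329291] Call trace:
[ 2.329407] __kmem_cache_create_args+0xb8/0x3b0
[ 2.329499] kmem_buckets_create+0xfc/0x320
[ 2.329526] init_user_buckets+0x34/0x78
[ 2.329698] ---[ end trace 0000000000000000 ]---
[ 9.100000] kmem_cache of name 'example_cache' already exists
[ 9.100100] Call trace:
[ 9.100200] __kmem_cache_create_args+0xb8/0x3b0
[ 9.100300] example_module_init+0x20/0x80
[ 9.100400] ---[ end trace 0000000000000000 ]---
"""

if __name__ == "__main__":
    for rec in find_duplicate_cache_warnings(SAMPLE_LOG):
        print(rec["cache"], rec["matches_cve_path"], rec["frames"])
```

On a live system the same function can be fed the output of dmesg or journalctl -k for the current boot.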
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Norway, Denmark
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2024-11-19T17:17:24.975Z
- Cisa Enriched: false
- Cvss Version: null
- State: PUBLISHED
Threat ID: 682d9824c4522896dcbdf8a9
Added to database: 5/21/2025, 9:08:52 AM
Last enriched: 6/28/2025, 2:26:55 PM
Last updated: 8/11/2025, 9:20:07 AM