{"id":"CVE-2024-41023","summary":"sched/deadline: Fix task_struct reference leak","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nsched/deadline: Fix task_struct reference leak\n\nDuring the execution of the following stress test with linux-rt:\n\nstress-ng --cyclic 30 --timeout 30 --minimize --quiet\n\nkmemleak frequently reported a memory leak concerning the task_struct:\n\nunreferenced object 0xffff8881305b8000 (size 16136):\n  comm \"stress-ng\", pid 614, jiffies 4294883961 (age 286.412s)\n  object hex dump (first 32 bytes):\n    02 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00  .@..............\n    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................\n  debug hex dump (first 16 bytes):\n    53 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00  S...............\n  backtrace:\n    [\u003c00000000046b6790\u003e] dup_task_struct+0x30/0x540\n    [\u003c00000000c5ca0f0b\u003e] copy_process+0x3d9/0x50e0\n    [\u003c00000000ced59777\u003e] kernel_clone+0xb0/0x770\n    [\u003c00000000a50befdc\u003e] __do_sys_clone+0xb6/0xf0\n    [\u003c000000001dbf2008\u003e] do_syscall_64+0x5d/0xf0\n    [\u003c00000000552900ff\u003e] entry_SYSCALL_64_after_hwframe+0x6e/0x76\n\nThe issue occurs in start_dl_timer(), which increments the task_struct\nreference count and sets a timer. The timer callback, dl_task_timer,\nis supposed to decrement the reference count upon expiration. However,\nif enqueue_task_dl() is called before the timer expires and cancels it,\nthe reference count is not decremented, leading to the leak.\n\nThis patch fixes the reference leak by ensuring the task_struct\nreference count is properly decremented when the timer is canceled.","modified":"2026-04-02T10:02:35.030018Z","published":"2024-07-29T14:31:40.439Z","related":["ALSA-2024:7000","SUSE-SU-2024:4314-1","SUSE-SU-2024:4315-1","SUSE-SU-2024:4316-1","SUSE-SU-2024:4318-1","SUSE-SU-2024:4364-1","SUSE-SU-2024:4376-1","SUSE-SU-2024:4387-1","SUSE-SU-2025:20163-1","SUSE-SU-2025:20164-1","SUSE-SU-2025:20246-1","SUSE-SU-2025:20247-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/41xxx/CVE-2024-41023.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/7a54d31face626f62de415ebe77b43f76c3ffaf4"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b58652db66c910c2245f5bee7deca41c12d707b9"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/41xxx/CVE-2024-41023.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-41023"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"feff2e65efd8d84cf831668e182b2ce73c604bbb"},{"fixed":"7a54d31face626f62de415ebe77b43f76c3ffaf4"},{"fixed":"b58652db66c910c2245f5bee7deca41c12d707b9"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"f0e1c1d8ff908a39dd42e723d08f104505dfa601"},{"last_affected":"184c8ab5342450c4ae6fc5d937f9bb06c620dcf1"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-41023.json"}}],"schema_version":"1.7.5"}