[Kernel-packages] [Bug 2122554] Re: memory leaks when configuring a small rate limit in audit

Launchpad Bug Tracker Thu, 25 Sep 2025 07:57:31 -0700

This bug was fixed in the package linux - 6.17.0-5.5

---------------
linux (6.17.0-5.5) questing; urgency=medium


  * questing/linux: 6.17.0-5.5 -proposed tracker (LP: #2125319)

  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
    - [Packaging] debian.master/dkms-versions -- update from kernel-versions
      (main/d2025.09.22)

  * [SRU] Failed to create source package: Unmet build dependencies:
    bpftool:native (LP: #2122310)
    - [Packaging] fix build profile spec for bpftool

  * UBUNTU: fan: fail to check kmalloc() return could cause a NULL pointer
    dereference (LP: #2125053)
    - SAUCE: fan: vxlan: check memory allocation for map

  * iproute2 breaking netplan DEP-8 tests in Questing, unexpected "fan-map" in
    JSON output (LP: #2124257)
    - SAUCE: fan: don't enforce a specific enum value for IFLA_VXLAN_FAN_MAP

  * memory leaks when configuring a small rate limit in audit (LP: #2122554)
    - SAUCE: audit: fix skb leak when audit rate limit is exceeded

  * Support AMD Image Signal Processing (ISP) unit V4.0 (LP: #2110092)
    - SAUCE: media: platform: amd: Introduce amd isp4 capture driver
    - SAUCE: media: platform: amd: low level support for isp4 firmware
    - SAUCE: media: platform: amd: Add isp4 fw and hw interface
    - SAUCE: media: platform: amd: isp4 subdev and firmware loading handling
      added
    - SAUCE: media: platform: amd: isp4 video node and buffers handling added
    - SAUCE: media: platform: amd: isp4 debug fs logging and more descriptive
      errors
    - SAUCE: Documentation: add documentation of AMD isp 4 driver
    - [Config] Enable AMD_ISP4

  * 25.10 Snapdragon X Elite: Sync concept kernel changes (LP: #2121477)
    - phy: qcom: qmp-combo: Rename 'mode' to 'phy_mode'
    - phy: qcom: qmp-combo: store DP phy power state
    - phy: qcom: qmp-combo: introduce QMPPHY_MODE
    - phy: qcom: qmp-combo: register a typec mux to change the QMPPHY_MODE
    - arm64: dts: qcom: x1e80100-crd: Add USB multiport fingerprint reader
    - dt-bindings: arm: qcom: Add Dell Latitude 7455
    - dt-bindings: display: panel: samsung,atna40cu11: document ATNA40CU11
    - dt-bindings: display: panel: samsung,atna40ct06: document ATNA40CT06
    - drm/panel-edp: Add BOE NV140WUM-N64
    - arm64: dts: qcom: x1-crd: Enable HBR3 on external DPs
    - SAUCE: drm/dp: drm_edp_backlight_set_level: do not always send 3-byte
      commands
    - SAUCE: drm/edp-panel: Add touchscreen panel used by Lenovo X13s
    - SAUCE: net: qrtr: mhi: synchronize qrtr and mhi preparation
    - SAUCE: arm64: dts: qcom: x1e78100-t14s-oled: add eDP panel
    - SAUCE: wip: arm64: dts: qcom: x1e80100-crd: Add WiFi/BT pwrseq
    - SAUCE: wip: arm64: dts: qcom: x1e78100-t14s: enable bluetooth
    - SAUCE: drm/dp: clamp PWM bit count to advertised MIN and MAX
      capabilities
    - SAUCE: arm64: dts: qcom: x1e80100-pmics: Disable pm8010 by default
    - SAUCE: arm64: dts: qcom: x1e80100-dell-xps13-9345: Add Left/Right
      Speakers and Tweeter
    - SAUCE: arm64: dts: qcom: x1e80100-dell-xps13-9345: enable MICs LDO
    - SAUCE: arm64: dts: qcom: x1e80100-dell-xps13-9345: Mark audio channels
      as left-right swapped
    - SAUCE: arm64: dts: qcom: sc8280xp-lenovo-thinkpad-x13: Set up 4-lane DP
    - SAUCE: dt-bindings: phy: qcom,sc8280xp-qmp-usb43dp-phy: Document default
      phy mode
    - SAUCE: phy: qcom: qmp-combo: get default qmpphy_mode from DT
    - SAUCE: arm64: dts: qcom: x1e78100-lenovo-thinkpad-t14s: add HDMI nodes
    - SAUCE: dt-bindings: phy: qcom,sc8280xp-qmp-usb43dp: Reference usb-
      switch.yaml to allow mode-switch
    - SAUCE: dt-bindings: arm: qcom: Add Asus Zenbook A14 UX3407QA LCD/OLED
      variants
    - SAUCE: arm64: dts: qcom: Rework X1-based Asus Zenbook A14's displays
    - SAUCE: arm64: dts: qcom: x1e80100-asus-zenbook-a14: Enable WiFi,
      Bluetooth
    - SAUCE: arm64: dts: qcom: Add support for Dell Inspiron 7441 / Latitude
      7455
    - SAUCE: firmware: qcom: scm: Allow QSEECOM on Dell Inspiron 7441 /
      Latitude 7455
    - SAUCE: dt-bindings: arm: qcom: Add Acer Swift 14 AI
    - SAUCE: arm64: dts: qcom: x1-acer-swift-14: Add support for Acer Swift 14
    - SAUCE: arm64: dts: qcom: x1e80100: allow mode-switch events to reach the
      QMP Combo PHYs
    - SAUCE: arm64: dts: qcom: x1e80100: move dp0/1/2 data-lanes to SoC dtsi
    - SAUCE: arm64: dts: qcom: x1e80100: Set up 4-lane DP
    - SAUCE: arm64: dts: qcom: x1e80100: move remaining dp0/1/2 data-lanes to
      SoC dtsi
    - Revert "UBUNTU: SAUCE: Change: cracking sound fix"

  * UBSAN: shift-out-of-bounds in drivers/edac/skx_common.c:452:16
    (LP: #2119713)
    - EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller

  * Miscellaneous Ubuntu changes
    - [Config] updateconfigs for v6.17-rc6 rebase

 -- Timo Aaltonen <[email protected]>  Mon, 22 Sep 2025
10:33:58 +0300

** Changed in: linux (Ubuntu Questing)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2122554

Title:
  memory leaks when configuring a small rate limit in audit

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Noble:
  Fix Committed
Status in linux source package in Plucky:
  Fix Committed
Status in linux source package in Questing:
  Fix Released

Bug description:
  [Impact]

  When the audit rate limit is exceeded, memory starts leaking, this can be 
observed by:
  watch -d -n 1 grep -i SUnreclaim' /proc/meminfo

  Unreclaimable slab grows rapidly and lead to run out of all available memory
  Only reboot can recover it.

  5.15 kernel doesn't have this issue, it's introduced later than 5.19 kernel,
  and caused by LSM stacking code.

  [Fix]

  This upstream patch fixes the issue:
  
https://lore.kernel.org/audit/[email protected]/T/#t

  and merged into maintainer's tree:
  
https://github.com/linux-audit/audit-kernel/commit/d2c773159327f4d2f6438acf1ae2ae9ac0ca46a9

  [Test Plan]

  Add the following line to set a small rate limit in 
/etc/audit/rules.d/audit.rules:
  -a always,exit -F arch=b64 -S openat -S truncate -S ftruncate -F exit=-EACCES 
-F auid>=1000 -F auid!=4294967295 -k access -r 100

  Trigger permission denied by running the following command as a normal user:
  while :; do cat /proc/1/environ; done

  Make sure we see the warning message in kernel log:
  [ 2531.862184] audit: rate limit exceeded

  [Where problems could occur]

  Originally the skb is leak and no one is able to process or free it anymore.
  The above patch just frees the leaking skb when rate limit is exceeded,
  there won't be any additional impact.

  [ Other Info ]
  https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2098730

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2122554/+subscriptions


-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 2122554] Re: memory leaks when configuring a small rate limit in audit

Reply via email to