CVE-2024-41002

5.5 MEDIUM

📋 TL;DR

This CVE describes a memory leak vulnerability in the Linux kernel's Hisilicon SEC cryptographic driver. When releasing cryptographic resources, the driver fails to properly release AIV (Authentication Initialization Vector) resources, causing memory leakage. This affects systems using Hisilicon hardware cryptographic acceleration.

💻 Affected Systems

Products:
  • Linux kernel with Hisilicon SEC cryptographic driver enabled
Versions: Linux kernel versions before the fix commits (specific versions vary by distribution)
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable if Hisilicon SEC hardware cryptographic acceleration is enabled and used. Most standard Linux installations won't have this driver loaded by default.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case

Sustained exploitation could lead to kernel memory exhaustion, causing system instability, denial of service, or potential kernel crashes.

🟠 Likely Case

Gradual memory consumption over time leading to performance degradation and eventual system instability requiring reboots.

🟢 If Mitigated

Minimal impact with proper monitoring and regular system maintenance; memory leaks would be detected and addressed before causing issues.

🌐 Internet-Facing: LOW - This requires local access or kernel-level compromise to trigger the resource release path.
🏢 Internal Only: MEDIUM - Internal users or processes with kernel access could trigger this, potentially affecting system stability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires triggering the specific resource release path in the SEC driver, which typically requires kernel-level access or specific cryptographic operations.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 36810d2db3496bb8b4db7ccda666674a5efc7b47, 7c42ce556ff65995c8875c9ed64141c14238e7e6, 9f21886370db451b0fdc651f6e41550a1da70601, a886bcb0f67d1e3d6b2da25b3519de59098200c2, bba4250757b4ae1680fea435a358d8093f254094

Vendor Advisory: https://git.kernel.org/stable/c/

Restart Required: Yes

Instructions:

1. Update to a kernel version containing the fix commits.
2. Check with your Linux distribution for specific patched kernel versions.
3. Reboot the system after kernel update.

🔧 Temporary Workarounds

Disable Hisilicon SEC driver

Prevent loading of the vulnerable driver module

echo 'blacklist hisi_sec' > /etc/modprobe.d/blacklist-hisi-sec.conf
rmmod hisi_sec

🧯 If You Can't Patch

  • Monitor system memory usage closely for unusual consumption patterns
  • Implement regular system reboots to clear accumulated memory leaks

🔍 How to Verify

Check if Vulnerable:

Check whether the hisi_sec module is loaded:

lsmod | grep hisi_sec

Then check the kernel version against the patched versions from your distribution.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commits. Check dmesg for SEC driver initialization without memory leak warnings.

📡 Detection & Monitoring

Log Indicators:

  • Kernel OOM (Out of Memory) messages
  • Memory allocation failures in dmesg
  • SEC driver initialization errors

Network Indicators:

  • None - this is a local memory management issue

SIEM Query:

source="kernel" AND ("out of memory" OR "OOM" OR "hisi_sec")
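
The module check, log indicators and memory monitoring described above, combined into one triage script (an added example, not part of the advisory or the kernel project). The hisi_sec prefix match, the steady-decline heuristic on MemAvailable, the function names, the verdict strings and all sample data are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the advisory. All sample data below is constructed.

# True if module text on stdin (lsmod or /proc/modules format) lists a module
# whose name starts with hisi_sec (assumption: also covers suffixed builds
# such as hisi_sec2).
sec_module_loaded() {
    awk '$1 ~ /^hisi_sec/ { found = 1 } END { exit (found ? 0 : 1) }'
}

# Count kernel log lines on stdin that match the page's SIEM terms. "oom" must
# not follow a letter, so words like "room" are not counted.
sec_log_hits() {
    grep -Eic 'out of memory|(^|[^[:alpha:]])oom|hisi_sec' || true
}

# Given MemAvailable samples in kB (oldest first), print the total drop if
# every sample is lower than the previous one, otherwise print 0.
steady_decline_kb() {
    first=$1; prev=$1; shift
    for cur in "$@"; do
        [ "$cur" -lt "$prev" ] || { echo 0; return 0; }
        prev=$cur
    done
    echo $((first - prev))
}

# Combine the signals. Args: module text, log text, drop threshold in kB,
# then the MemAvailable samples.
sec_leak_verdict() {
    modules=$1; logs=$2; limit_kb=$3; shift 3
    printf '%s\n' "$modules" | sec_module_loaded || { echo "driver-not-loaded"; return 0; }
    drop=$(steady_decline_kb "$@")
    hits=$(printf '%s\n' "$logs" | sec_log_hits)
    if [ "$drop" -ge "$limit_kb" ] || [ "$hits" -gt 0 ]; then
        echo "investigate drop_kb=$drop log_hits=$hits"
    else
        echo "loaded-no-symptoms drop_kb=$drop"
    fi
}

# Constructed sample input: lsmod output, kernel log, four MemAvailable readings.
SAMPLE_MODULES='Module                  Size  Used by
hisi_sec2              90112  0'
SAMPLE_LOG='[ 9120.1] worker invoked oom-killer: gfp_mask=0x100cca, order=0
[ 9120.4] Out of memory: Killed process 4211 (worker)
[ 9130.0] eth0: link up, no room in queue'
sec_leak_verdict "$SAMPLE_MODULES" "$SAMPLE_LOG" 100000 8000000 7900000 7750000 7600000
```

On a live host, pass the output of lsmod and dmesg together with MemAvailable values read from /proc/meminfo at a fixed interval.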
