Skip to content

LiME

v1.12.0 Feature

This release adds 2 notable features for engineering teams evaluating rollout.

Published 2mo Forensics & Incident Response
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Summary

AI summary

Critical bugfixes in hash, TCP, and core subsystems; SPDX compliance added.

Full changelog

LiME v1.12.0

16 commits since v1.11.0 (March 23–24, 2026)

Bug Fixes (kernel module)

Hash / digest subsystem (hash.c)

  • Fix multi-page vmalloc digest corruption — only the last page was being hashed
  • Fix crypto_digest_update passing byte length instead of nsg count
  • Fix memory leak: digest_value was never freed in ldigest_clean
  • Fix uninitialized digestsize on kernels 2.6.11–2.6.18
  • Fix NULL dereference in ldigest_clean when crypto_alloc fails
  • Add NULL checks on output and digest_value allocations

TCP subsystem (tcp.c)

  • Fix sizeof(struct iovec) used on a struct kvec variable
  • Fix socket leak: pre-allocated socket was overwritten by kernel_accept

Core module (main.c)

  • Fix ldigest_clean extern return type mismatch (int vs void)
  • Fix wrong format specifier %zu for signed ssize_t
  • Fix missing __get_free_page and kmalloc NULL checks
  • Fix resource leaks in init() error paths
  • Fix no_overlap set even when digest init fails

Code Quality

  • Centralize all extern declarations in lime.h
  • Remove redundant includes and duplicate externs across files
  • Extract create_tcp_sock() helper to deduplicate socket creation in tcp.c
  • Replace strcpy/strcat chain with snprintf in hash.c
  • Refactor init() error paths to goto-based cleanup pattern
  • Fix () vs (void) inconsistencies, declaration-after-statement issues, mixed indentation

REUSE / SPDX Compliance

  • Add SPDX license headers to all source and script files
  • Add REUSE.toml for machine-readable license metadata
  • Replace monolithic LICENSE file with LICENSES/GPL-2.0-only.txt

Documentation

  • Rename doc/docs/
  • Rewrite and clarify README.md (updated usage examples, parameter descriptions, sidecar digest naming)
  • Add docs/test-architecture.md describing the CI and test framework design
  • Fix missing "padded" label in docs/README.md parameter description

CI / Testing

  • Add GitHub Actions multi-kernel compile-test workflow (build-test.yml) covering multiple kernel versions
  • Add sparse static analysis and QEMU smoke tests
  • Add pre-commit hooks (trailing whitespace, markdown lint, flawfinder, codespell, REUSE)
  • Add test/ directory with Dockerfile, kernel prep scripts, initramfs builder, and smoke-test harness
  • Update actions/cache to v5; fix objtool preservation during kernel tree stripping
  • Remove kernel 4.15 from CI matrix after extensive attempts to fix its toolchain incompatibilities

Full Changelog: https://github.com/jtsylve/LiME/compare/v1.11.0...v1.12.0

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track LiME

Get notified when new releases ship.

Sign up free

About LiME

Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices, formerly called DMD.

All releases →

Related context

Beta — feedback welcome: [email protected]