CVE-2024-56584

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-56584
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-56584.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-56584
Downstream
Related
Published
2024-12-27T15:15:17Z
Modified
2025-08-09T19:01:28Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

iouring/tctx: work around xastore() allocation error issue

syzbot triggered the following WARN_ON:

WARNING: CPU: 0 PID: 16 at iouring/tctx.c:51 _iouringfree+0xfa/0x140 io_uring/tctx.c:51

which is the

WARNONONCE(!xa_empty(&tctx->xa));

sanity check in _iouringfree() when a iouringtask is going through its final put. The syzbot test case includes injecting memory allocation failures, and it very much looks like xastore() can fail one of its memory allocations and end up with ->head being non-NULL even though no entries exist in the xarray.

Until this issue gets sorted out, work around it by attempting to iterate entries in our xarray, and WARNONONCE() if one is found.

References

Affected packages