CVE-2024-56624

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-56624
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-56624.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-56624
Downstream
Related
Published
2024-12-27T15:15:21Z
Modified
2024-12-27T17:00:03Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

iommufd: Fix outfput in iommufdfault_alloc()

As fput() calls the file->fop->release op, where fault obj and ictx are getting released, there is no need to release these two after fput() one more time, which would result in imbalanced refcounts: refcountt: decrement hit 0; leaking memory. WARNING: CPU: 48 PID: 2369 at lib/refcount.c:31 refcountwarnsaturate+0x60/0x230 Call trace: refcountwarnsaturate+0x60/0x230 (P) refcountwarnsaturate+0x60/0x230 (L) iommufdfaultfopsrelease+0x9c/0xe0 [iommufd] ... VFS: Close: file count is 0 (fop=iommufdfops [iommufd]) WARNING: CPU: 48 PID: 2369 at fs/open.c:1507 filpflush+0x3c/0xf0 Call trace: filpflush+0x3c/0xf0 (P) filpflush+0x3c/0xf0 (L) _arm64sysclose+0x34/0x98 ... imbalanced put on file reference count WARNING: CPU: 48 PID: 2369 at fs/file.c:74 _filerefput+0x100/0x138 Call trace: _filerefput+0x100/0x138 (P) _filerefput+0x100/0x138 (L) _fputsync+0x4c/0xd0

Drop those two lines to fix the warnings above.

References

Affected packages

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.12.5-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}