Ubuntu: (Multiple Advisories) (CVE-2024-56712): Linux kernel vulnerabilities
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
5 | (AV:L/AC:L/Au:S/C:N/I:N/A:C) | Dec 29, 2024 | Mar 28, 2025 | Apr 2, 2025 |
Description
In the Linux kernel, the following vulnerability has been resolved:

udmabuf: fix memory leak on last export_udmabuf() error path

In export_udmabuf(), if dma_buf_fd() fails because the FD table is full, a
dma_buf owning the udmabuf has already been created; but the error handling
in udmabuf_create() will tear down the udmabuf without doing anything about
the containing dma_buf.

This leaves a dma_buf in memory that contains a dangling pointer; though
that doesn't seem to lead to anything bad except a memory leak.

Fix it by moving the dma_buf_fd() call out of export_udmabuf() so that we
can give it different error handling.

Note that the shape of this code changed a lot in commit 5e72b2b41a21
("udmabuf: convert udmabuf driver to use folios"); but the memory leak
seems to have existed since the introduction of udmabuf.
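
The error-path ownership problem described above, reduced to a user-space C model. This is an added example, not the kernel patch or code from this advisory: `inner`, `wrapper`, the `live` counter and every function name are hypothetical stand-ins for the udmabuf, the dma_buf and their helpers.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
/* User-space model; every name is a hypothetical stand-in, not kernel API. */
struct inner   { int pages; };            /* plays the udmabuf */
struct wrapper { struct inner *priv; };   /* plays the dma_buf that owns it */
static int live;                          /* tracked allocations not yet freed */
static struct wrapper *last_wrapper;      /* demo hook so main() can find an orphan */
static void *t_alloc(size_t n) { void *p = calloc(1, n); if (p) live++; return p; }
static void t_free(void *p) { if (p) { free(p); live--; } }
static void wrapper_put(struct wrapper *w) { t_free(w->priv); t_free(w); } /* frees both */
static int install_fd(int full) { return full ? -EMFILE : 3; } /* full FD table fails */

static struct wrapper *export_only(struct inner *in)
{
    struct wrapper *w = t_alloc(sizeof(*w));
    if (w) { w->priv = in; last_wrapper = w; }
    return w;
}

/* Before: export and fd install are fused, so the caller only sees an int. */
static int export_fused(struct inner *in, int full) { return export_only(in) ? install_fd(full) : -ENOMEM; }
int create_buggy(int full)
{
    struct inner *in = t_alloc(sizeof(*in));
    int ret = in ? export_fused(in, full) : -ENOMEM;
    if (ret < 0) t_free(in);              /* inner only: wrapper leaks, priv dangles */
    return ret;
}

/* After: the caller holds the wrapper and gives fd failure its own cleanup. */
int create_fixed(int full)
{
    struct inner *in = t_alloc(sizeof(*in));
    struct wrapper *w = in ? export_only(in) : NULL;
    if (!w) { t_free(in); return -ENOMEM; }
    int ret = install_fd(full);
    if (ret < 0) wrapper_put(w);          /* one put releases wrapper and inner */
    return ret;
}

int main(void)
{
    int r1 = create_buggy(1), n1 = live;  /* simulate a full FD table */
    t_free(last_wrapper);                 /* reclaim the orphan before the next run */
    int r2 = create_fixed(1), n2 = live;
    printf("before: ret=%d live=%d\nafter:  ret=%d live=%d\n", r1, n1, r2, n2);
    return 0;
}
```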
Solution(s)
References
- CVE-2024-56712
- https://attackerkb.com/topics/CVE-2024-56712
- UBUNTU-USN-7379-1
- UBUNTU-USN-7379-2
- UBUNTU-USN-7380-1
- UBUNTU-USN-7381-1
- UBUNTU-USN-7382-1
- URL-https://git.kernel.org/linus/f49856f525acd5bef52ae28b7da2e001bbe7439e
- URL-https://git.kernel.org/stable/c/c9fc8428d4255c2128da9c4d5cd92e554d0150cf
- URL-https://git.kernel.org/stable/c/f49856f525acd5bef52ae28b7da2e001bbe7439e
- URL-https://ubuntu.com/security/notices/USN-7379-1
- URL-https://ubuntu.com/security/notices/USN-7380-1
- URL-https://ubuntu.com/security/notices/USN-7381-1
- URL-https://ubuntu.com/security/notices/USN-7382-1
- URL-https://www.cve.org/CVERecord?id=CVE-2024-56712
