AZL-54768

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-54768.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-54768

Upstream

CVE-2024-56712

Published

2024-12-29T09:15:06Z

Modified

2026-04-01T05:18:23.099279Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

CVE-2024-56712 affecting package kernel 5.15.200.1-1

Details

In the Linux kernel, the following vulnerability has been resolved:

udmabuf: fix memory leak on last export_udmabuf() error path

In exportudmabuf(), if dmabuffd() fails because the FD table is full, a dmabuf owning the udmabuf has already been created; but the error handling in udmabufcreate() will tear down the udmabuf without doing anything about the containing dmabuf.

This leaves a dma_buf in memory that contains a dangling pointer; though that doesn't seem to lead to anything bad except a memory leak.

Fix it by moving the dmabuffd() call out of export_udmabuf() so that we can give it different error handling.

Note that the shape of this code changed a lot in commit 5e72b2b41a21 ("udmabuf: convert udmabuf driver to use folios"); but the memory leak seems to have existed since the introduction of udmabuf.

References

https://nvd.nist.gov/vuln/detail/CVE-2024-56712

Affected packages

Azure Linux:2 / kernel

Package

Name: kernel
Purl: pkg:rpm/azure-linux/kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

5.15.200.1-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-54768.json"