CVE-2024-56584

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-56584

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-56584.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-56584

Downstream

BELL-CVE-2024-56584

DEBIAN-CVE-2024-56584

DLA-4076-1

OESA-2025-1032

OESA-2025-1033

OESA-2025-1035

OESA-2025-1036

OESA-2025-1037

SUSE-SU-2025:0289-1

SUSE-SU-2025:0428-1

SUSE-SU-2025:0499-1

SUSE-SU-2025:0557-1

UBUNTU-CVE-2024-56584

USN-7379-1

USN-7381-1

USN-7382-1

USN-7449-1

USN-7449-2

USN-7450-1

USN-7451-1

USN-7452-1

USN-7453-1

USN-7468-1

USN-7523-1

USN-7524-1

Related

Published

2024-12-27T15:15:17Z

Modified

2025-08-09T20:01:26Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

iouring/tctx: work around xastore() allocation error issue

syzbot triggered the following WARN_ON:

WARNING: CPU: 0 PID: 16 at iouring/tctx.c:51 _iouringfree+0xfa/0x140 io_uring/tctx.c:51

which is the

WARNONONCE(!xa_empty(&tctx->xa));

sanity check in _iouringfree() when a iouringtask is going through its final put. The syzbot test case includes injecting memory allocation failures, and it very much looks like xastore() can fail one of its memory allocations and end up with ->head being non-NULL even though no entries exist in the xarray.

Until this issue gets sorted out, work around it by attempting to iterate entries in our xarray, and WARNONONCE() if one is found.

References

Affected packages