CVE-2024-56712
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-56712
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-56712.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-56712
- Downstream
- Related
- Published
- 2024-12-29T08:48:46.167Z
- Modified
- 2025-11-28T02:34:34.666567Z
- Severity
-
- 3.3 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
- Summary
- udmabuf: fix memory leak on last export_udmabuf() error path
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
udmabuf: fix memory leak on last export_udmabuf() error path
In exportudmabuf(), if dmabuffd() fails because the FD table is full, a dmabuf owning the udmabuf has already been created; but the error handling in udmabufcreate() will tear down the udmabuf without doing anything about the containing dmabuf.
This leaves a dma_buf in memory that contains a dangling pointer; though that doesn't seem to lead to anything bad except a memory leak.
Fix it by moving the dmabuffd() call out of export_udmabuf() so that we can give it different error handling.
Note that the shape of this code changed a lot in commit 5e72b2b41a21 ("udmabuf: convert udmabuf driver to use folios"); but the memory leak seems to have existed since the introduction of udmabuf.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/56xxx/CVE-2024-56712.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/c9fc8428d4255c2128da9c4d5cd92e554d0150cf
- https://git.kernel.org/stable/c/f49856f525acd5bef52ae28b7da2e001bbe7439e
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/56xxx/CVE-2024-56712.json
- https://nvd.nist.gov/vuln/detail/CVE-2024-56712