CVE-2024-56584
io_uring/tctx: work around xa_store() allocation error issue
In the Linux kernel, the following vulnerability has been resolved: io_uring/tctx: work around xa_store() allocation error issue syzbot triggered the following WARN_ON: WARNING: CPU: 0 PID: 16 at io_uring/tctx.c:51 __io_uring_free+0xfa/0x140 io_uring/tctx.c:51 which is the WARN_ON_ONCE(!xa_empty(&tctx->xa)); sanity check in __io_uring_free() when a io_uring_task is going through its final put. The syzbot test case includes injecting memory allocation failures, and it very much looks like xa_store() can fail one of its memory allocations and end up with ->head being non-NULL even though no entries exist in the xarray. Until this issue gets sorted out, work around it by attempting to iterate entries in our xarray, and WARN_ON_ONCE() if one is found.
| Vendor | linux |
| Product | linux |
| Ecosystems | |
| Industries | Technology |
| Published | Dec 27, 2024 |
| Last Updated | Apr 18, 2026 |
Get instant alerts for linux linux
Be the first to know when new unknown vulnerabilities affecting linux linux are published โ delivered to Slack, Telegram or Discord.