CVE-2024-56742

Published: Dec 29, 2024Modified: Apr 17, 2025

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages() Fix an unwind issue in mlx5vf_add_migration_pages(). If a set of pages is allocated but fails to be added to the SG table, they need to be freed to prevent a memory leak. Any pages successfully added to the SG table will be freed as part of mlx5vf_free_data_buffer().

Affected (2)

Products: Linux: Linux Kernel

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 5.18 to 6.11.11
Linux Linux Kernel	From 6.12 to 6.12.2

Related CWEs

Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References (3)

https://git.kernel.org/stable/c/22e87bf3f77c18f5982c19ffe2732ef0c7a25f16

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/769fe4ce444b646b0bf6ac308de80686c730c7df

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/c44f1b2ddfa81c8d7f8e9b6bc76c427bc00e69d5

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

Timeline

No history available yet.