CVE-2024-53077

Summary

In the Linux kernel, the following vulnerability has been resolved:

rpcrdma: Always release the rpcrdma_device's xa_array

Dai pointed out that the xa_init_flags() in rpcrdma_add_one() needs to have a matching xa_destroy() in rpcrdma_remove_one() to release underlying memory that the xarray might have accrued during operation.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux7e86845a0346efc95fddaa97ce5cd6a8bda8c71c < 36b7f5a4f300d038270324640ff7c1399245159daffected
LinuxLinux7e86845a0346efc95fddaa97ce5cd6a8bda8c71c < 63a81588cd2025e75fbaf30b65930b76825c456faffected
LinuxLinux6.11affected
LinuxLinux0 < 6.11unaffected
LinuxLinux6.11.7 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References