Memory Leak Vulnerability in Linux Kernel's MLX5 Driver
CVE-2024-56742

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 29 December 2024

Summary

A vulnerability exists in the Linux kernel’s MLX5 driver that pertains to the vfio/mlx5 subsystem. It involves a programming flaw during the handling of migration pages in the mlx5vf_add_migration_pages() function. Specifically, if a set of pages is allocated but cannot be successfully added to the Scatter-Gather (SG) table, those pages must be properly freed to avoid memory leaks. The robust cleanup of allocated resources is essential to ensure system stability and performance. The issue is addressed in subsequent kernel patches, enhancing the overall reliability of the MLX5 driver.

Affected Version(s)

Linux 6fadb021266d03c5fd7bca2cfa1607efd246dad1 < 769fe4ce444b646b0bf6ac308de80686c730c7df

Linux 6fadb021266d03c5fd7bca2cfa1607efd246dad1

Linux 6fadb021266d03c5fd7bca2cfa1607efd246dad1 < 22e87bf3f77c18f5982c19ffe2732ef0c7a25f16

References

https://git.kernel.org/stable/c/769fe4ce444b646b0bf6ac308...

https://git.kernel.org/stable/c/c44f1b2ddfa81c8d7f8e9b6bc...

https://git.kernel.org/stable/c/22e87bf3f77c18f5982c19ffe...

Timeline

Vulnerability published
Dec 29, 2024
Vulnerability Reserved
Dec 29, 2024

Collectors

NVD DatabaseMitre Database