{"id":"CVE-2024-56534","summary":"isofs: avoid memory leak in iocharset","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nisofs: avoid memory leak in iocharset\n\nA memleak was found as below:\n\nunreferenced object 0xffff0000d10164d8 (size 8):\n  comm \"pool-udisksd\", pid 108217, jiffies 4295408555\n  hex dump (first 8 bytes):\n    75 74 66 38 00 cc cc cc                          utf8....\n  backtrace (crc de430d31):\n    [\u003cffff800081046e6c\u003e] kmemleak_alloc+0xb8/0xc8\n    [\u003cffff8000803e6c3c\u003e] __kmalloc_node_track_caller_noprof+0x380/0x474\n    [\u003cffff800080363b74\u003e] kstrdup+0x70/0xfc\n    [\u003cffff80007bb3c6a4\u003e] isofs_parse_param+0x228/0x2c0 [isofs]\n    [\u003cffff8000804d7f68\u003e] vfs_parse_fs_param+0xf4/0x164\n    [\u003cffff8000804d8064\u003e] vfs_parse_fs_string+0x8c/0xd4\n    [\u003cffff8000804d815c\u003e] vfs_parse_monolithic_sep+0xb0/0xfc\n    [\u003cffff8000804d81d8\u003e] generic_parse_monolithic+0x30/0x3c\n    [\u003cffff8000804d8bfc\u003e] parse_monolithic_mount_data+0x40/0x4c\n    [\u003cffff8000804b6a64\u003e] path_mount+0x6c4/0x9ec\n    [\u003cffff8000804b6e38\u003e] do_mount+0xac/0xc4\n    [\u003cffff8000804b7494\u003e] __arm64_sys_mount+0x16c/0x2b0\n    [\u003cffff80008002b8dc\u003e] invoke_syscall+0x7c/0x104\n    [\u003cffff80008002ba44\u003e] el0_svc_common.constprop.1+0xe0/0x104\n    [\u003cffff80008002ba94\u003e] do_el0_svc+0x2c/0x38\n    [\u003cffff800081041108\u003e] el0_svc+0x3c/0x1b8\n\nThe opt-\u003eiocharset is freed inside the isofs_fill_super function,\nBut there may be situations where it's not possible to\nenter this function.\n\nFor example, in the get_tree_bdev_flags function,when\nencountering the situation where \"Can't mount, would change RO state,\"\nIn such a case, isofs_fill_super will not have the opportunity\nto be called,which means that opt-\u003eiocharset will not have the chance\nto be freed,ultimately leading to a memory leak.\n\nLet's move the memory freeing of opt-\u003eiocharset into\nisofs_free_fc function.","modified":"2026-04-02T12:24:34.590679Z","published":"2024-12-27T14:11:17.091Z","related":["USN-7276-1","USN-7277-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/56xxx/CVE-2024-56534.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/0b5bbeee4de616a268db77e2f40f19ab010a367b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/0fbab266ca8000333c966f5b58cb9b9cac658573"},{"type":"WEB","url":"https://git.kernel.org/stable/c/34f090ddb3630a26e5a6b220bf3bfaf5c7b70393"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/56xxx/CVE-2024-56534.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56534"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"1b17a46c9243e9421ee1ac6d628604bbc4ae2201"},{"fixed":"34f090ddb3630a26e5a6b220bf3bfaf5c7b70393"},{"fixed":"0fbab266ca8000333c966f5b58cb9b9cac658573"},{"fixed":"0b5bbeee4de616a268db77e2f40f19ab010a367b"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-56534.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}