{"id":"CVE-2024-56584","summary":"io_uring/tctx: work around xa_store() allocation error issue","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/tctx: work around xa_store() allocation error issue\n\nsyzbot triggered the following WARN_ON:\n\nWARNING: CPU: 0 PID: 16 at io_uring/tctx.c:51 __io_uring_free+0xfa/0x140 io_uring/tctx.c:51\n\nwhich is the\n\nWARN_ON_ONCE(!xa_empty(&tctx-\u003exa));\n\nsanity check in __io_uring_free() when a io_uring_task is going through\nits final put. The syzbot test case includes injecting memory allocation\nfailures, and it very much looks like xa_store() can fail one of its\nmemory allocations and end up with -\u003ehead being non-NULL even though no\nentries exist in the xarray.\n\nUntil this issue gets sorted out, work around it by attempting to\niterate entries in our xarray, and WARN_ON_ONCE() if one is found.","modified":"2026-04-16T04:35:35.125540844Z","published":"2024-12-27T14:50:52.735Z","related":["SUSE-SU-2025:0289-1","SUSE-SU-2025:0428-1","SUSE-SU-2025:0499-1","SUSE-SU-2025:0557-1","SUSE-SU-2025:20165-1","SUSE-SU-2025:20166-1","SUSE-SU-2025:20248-1","SUSE-SU-2025:20249-1","USN-7379-2","USN-7380-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/56xxx/CVE-2024-56584.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/42882b583095dcf747da6e3af1daeff40e27033e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7eb75ce7527129d7f1fee6951566af409a37a1c4"},{"type":"WEB","url":"https://git.kernel.org/stable/c/94ad56f61b873ffeebcc620d451eacfbdf9d40f0"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d5b2ddf1f90c7248eff9630b95895c8950f2f36d"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/56xxx/CVE-2024-56584.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56584"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"2b188cc1bb857a9d4701ae59aa7768b5124e262e"},{"fixed":"94ad56f61b873ffeebcc620d451eacfbdf9d40f0"},{"fixed":"42882b583095dcf747da6e3af1daeff40e27033e"},{"fixed":"d5b2ddf1f90c7248eff9630b95895c8950f2f36d"},{"fixed":"7eb75ce7527129d7f1fee6951566af409a37a1c4"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-56584.json"}}],"schema_version":"1.7.5"}