VYPR
Medium severity5.5NVD Advisory· Published Dec 27, 2024· Updated Jun 17, 2026

CVE-2024-56584

CVE-2024-56584

Description

In the Linux kernel, the following vulnerability has been resolved:

io_uring/tctx: work around xa_store() allocation error issue

syzbot triggered the following WARN_ON:

WARNING: CPU: 0 PID: 16 at io_uring/tctx.c:51 __io_uring_free+0xfa/0x140 io_uring/tctx.c:51

which is the

WARN_ON_ONCE(!xa_empty(&tctx->xa));

sanity check in __io_uring_free() when a io_uring_task is going through its final put. The syzbot test case includes injecting memory allocation failures, and it very much looks like xa_store() can fail one of its memory allocations and end up with ->head being non-NULL even though no entries exist in the xarray.

Until this issue gets sorted out, work around it by attempting to iterate entries in our xarray, and WARN_ON_ONCE() if one is found.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

65

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.