CVE-2024-56710

Published Dec 29, 2024

Last updated 2 months ago

CVSS medium 5.5

Overview

Description
In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leak in ceph_direct_read_write() The bvecs array which is allocated in iter_get_bvecs_alloc() is leaked and pages remain pinned if ceph_alloc_sparse_ext_map() fails. There is no need to delay the allocation of sparse_ext map until after the bvecs array is set up, so fix this by moving sparse_ext allocation a bit earlier. Also, make a similar adjustment in __ceph_sync_read() for consistency (a leak of the same kind in __ceph_sync_read() has been addressed differently).
Source
416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Primary
Base score
5.5
Impact score
3.6
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Severity
MEDIUM

Weaknesses

nvd@nist.gov
CWE-401

Social media

Hype score
Not currently trending

  1. CVE-2024-56710 Memory Leak in Linux Kernel's Ceph Direct Read/Write Fixed In the Linux kernel, a vulnerability has been fixed: ceph: resolve memory leak in ceph_direct_read_write() The bvecs array, made in iter... https://t.co/nOlNd1MxuB

    @VulmonFeeds

    29 Dec 2024

    41 Impressions

    1 Retweet

    1 Like

    1 Bookmark

    0 Replies

    0 Quotes

  2. CVE-2024-56710 In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leak in ceph_direct_read_write() The bvecs array which is allocated in iter_get… https://t.co/sLeAAbmtGK

    @CVEnew

    29 Dec 2024

    362 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References