Description
In the Linux kernel, the following vulnerability has been resolved: io_uring: fix memory leak when removing provided buffers When removing provided buffers, io_buffer structs are not being disposed of, leading to a memory leak. They can't be freed individually, because they are allocated in page-sized groups. They need to be added to some free list instead, such as io_buffers_cache. All callers already hold the lock protecting it, apart from when destroying buffers, so had to extend the lock there.
Product status
cc3cec8367cba76a8ae4c271eba8450f3efc1ba3 (git) before ac48787f58d1068f4e06d627c1135784d64b4c72
cc3cec8367cba76a8ae4c271eba8450f3efc1ba3 (git) before c117c15927772d1624c29c092b6bd3f47c7faa48
cc3cec8367cba76a8ae4c271eba8450f3efc1ba3 (git) before b4a72c0589fdea6259720375426179888969d6a2
5.18
Any version before 5.18
6.1.24 (semver)
6.2.11 (semver)
6.3 (original_commit_for_fix)
References
git.kernel.org/...c/ac48787f58d1068f4e06d627c1135784d64b4c72
git.kernel.org/...c/c117c15927772d1624c29c092b6bd3f47c7faa48
git.kernel.org/...c/b4a72c0589fdea6259720375426179888969d6a2
Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.
