CVE-2024-53210

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct()<br /> <br /> Passing MSG_PEEK flag to skb_recv_datagram() increments skb refcount<br /> (skb-&gt;users) and iucv_sock_recvmsg() does not decrement skb refcount<br /> at exit.<br /> This results in skb memory leak in skb_queue_purge() and WARN_ON in<br /> iucv_sock_destruct() during socket close. To fix this decrease<br /> skb refcount by one if MSG_PEEK is set in order to prevent memory<br /> leak and WARN_ON.<br /> <br /> WARNING: CPU: 2 PID: 6292 at net/iucv/af_iucv.c:286 iucv_sock_destruct+0x144/0x1a0 [af_iucv]<br /> CPU: 2 PID: 6292 Comm: afiucv_test_msg Kdump: loaded Tainted: G W 6.10.0-rc7 #1<br /> Hardware name: IBM 3931 A01 704 (z/VM 7.3.0)<br /> Call Trace:<br /> [] iucv_sock_destruct+0x148/0x1a0 [af_iucv]<br /> [] iucv_sock_destruct+0x80/0x1a0 [af_iucv]<br /> [] __sk_destruct+0x52/0x550<br /> [] __sock_release+0xa4/0x230<br /> [] sock_close+0x2c/0x40<br /> [] __fput+0x2e8/0x970<br /> [] task_work_run+0x1c4/0x2c0<br /> [] do_exit+0x996/0x1050<br /> [] do_group_exit+0x13a/0x360<br /> [] __s390x_sys_exit_group+0x56/0x60<br /> [] do_syscall+0x27a/0x380<br /> [] __do_syscall+0x9c/0x160<br /> [] system_call+0x70/0x98<br /> Last Breaking-Event-Address:<br /> [] iucv_sock_destruct+0x84/0x1a0 [af_iucv]