CVE-2024-56553

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> binder: fix memleak of proc-&gt;delivered_freeze<br /> <br /> If a freeze notification is cleared with BC_CLEAR_FREEZE_NOTIFICATION<br /> before calling binder_freeze_notification_done(), then it is detached<br /> from its reference (e.g. ref-&gt;freeze) but the work remains queued in<br /> proc-&gt;delivered_freeze. This leads to a memory leak when the process<br /> exits as any pending entries in proc-&gt;delivered_freeze are not freed:<br /> <br /> unreferenced object 0xffff38e8cfa36180 (size 64):<br /> comm "binder-util", pid 655, jiffies 4294936641<br /> hex dump (first 32 bytes):<br /> b8 e9 9e c8 e8 38 ff ff b8 e9 9e c8 e8 38 ff ff .....8.......8..<br /> 0b 00 00 00 00 00 00 00 3c 1f 4b 00 00 00 00 00 ........delivered_freeze are freed during binder_deferred_release().