CVE-2024-56534: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-56534 is a memory leak vulnerability discovered in the Linux kernel's ISO9660 file system (isofs) implementation. The issue was identified in December 2024 and affects Linux kernel versions from 6.10 up to (excluding) 6.11.11 and from 6.12 up to (excluding) 6.12.2. The vulnerability occurs in the iocharset handling within the isofs module (NVD).

The vulnerability stems from improper memory management in the isofs module where opt->iocharset memory is not properly freed in certain error conditions. Specifically, when the gettreebdevflags function encounters a 'Can't mount, would change RO state' situation, the isofsfill_super function is not called, preventing the proper freeing of opt->iocharset memory. The issue has been assigned a CVSS v3.1 base score of 5.5 (Medium) with vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD, Kernel Patch).

The memory leak can be triggered during mount operations of ISO9660 file systems, potentially leading to resource exhaustion over time. The vulnerability affects systems using the isofs module for mounting ISO9660 file systems and could result in degraded system performance or denial of service conditions (NVD).

The vulnerability has been patched by moving the memory freeing of opt->iocharset into the isofsfreefc function. Users should upgrade to Linux kernel versions 6.11.11 or 6.12.2 or later that contain the fix. The patch has been backported to affected stable kernel versions (Kernel Patch).