cve/2024/CVE-2024-56652.md

### [CVE-2024-56652](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56652)
![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=dd08ebf6c3525a7ea2186e636df064ea47281987%3C%20b0193a31a0ca5a0f9e60bb4a86537d46b98111b8%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

In the Linux kernel, the following vulnerability has been resolved:drm/xe/reg_sr: Remove register poolThat pool implementation doesn't really work: if the krealloc happens tomove the memory and return another address, the entries in the xarraybecome invalid, leading to use-after-free later:	BUG: KASAN: slab-use-after-free in xe_reg_sr_apply_mmio+0x570/0x760 [xe]	Read of size 4 at addr ffff8881244b2590 by task modprobe/2753	Allocated by task 2753:	 kasan_save_stack+0x39/0x70	 kasan_save_track+0x14/0x40	 kasan_save_alloc_info+0x37/0x60	 __kasan_kmalloc+0xc3/0xd0	 __kmalloc_node_track_caller_noprof+0x200/0x6d0	 krealloc_noprof+0x229/0x380Simplify the code to fix the bug. A better pooling strategy may be addedback later if needed.(cherry picked from commit e5283bd4dfecbd3335f43b62a68e24dae23f59e4)

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/cku-heise/euvd-api-doc
- https://github.com/oogasawa/Utility-security