Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistLinuxCVELIST:CVE-2024-26652
HistoryMar 27, 2024 - 1:53 p.m.

CVE-2024-26652 net: pds_core: Fix possible double free in error handling path

2024-03-2713:53:20
Linux
www.cve.org
8
linux kernel vulnerability
net
pds_core
double free
error handling.

AI Score

6.8

Confidence

Low

EPSS

0

Percentile

15.5%

JSON

In the Linux kernel, the following vulnerability has been resolved:

net: pds_core: Fix possible double free in error handling path

When auxiliary_device_add() returns error and then calls
auxiliary_device_uninit(), Callback function pdsc_auxbus_dev_release
calls kfree(padev) to free memory. We shouldn’t call kfree(padev)
again in the error handling path.

Fix this by cleaning up the redundant kfree() and putting
the error handling back to where the errors happened.

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/net/ethernet/amd/pds_core/auxbus.c"
    ],
    "versions": [
      {
        "version": "4569cce43bc6",
        "lessThan": "995f802abff2",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "4569cce43bc6",
        "lessThan": "ffda0e962f27",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "4569cce43bc6",
        "lessThan": "ba18deddd6d5",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/net/ethernet/amd/pds_core/auxbus.c"
    ],
    "versions": [
      {
        "version": "6.4",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "6.4",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.6.22",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.7.10",
        "lessThanOrEqual": "6.7.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.8",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Related

redhatcve 1
ubuntucve 1
debiancve 1
vulnrichment 1
nvd 1
cve 1
nessus 2
osv 2
redhatcve
redhatcve
CVE-2024-26652
2024-03-27 15:52:32
ubuntucve
ubuntucve
CVE-2024-26652
2024-03-27 00:00:00
debiancve
debiancve
CVE-2024-26652
2024-03-27 14:15:10
vulnrichment
vulnrichment
CVE-2024-26652 net: pds_core: Fix possible double free in error handling path
2024-03-27 13:53:20
nvd
nvd
CVE-2024-26652
2024-03-27 14:15:10
cve
cve
CVE-2024-26652
2024-03-27 14:15:10
nessus
nessus
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2135-1)
2024-06-22 00:00:00
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:2973-1)
2024-08-21 00:00:00
osv
osv
Security update for the Linux Kernel
2024-06-21 11:03:42
Security update for the Linux Kernel
2024-08-20 07:15:53

AI Score

6.8

Confidence

Low

EPSS

0

Percentile

15.5%

JSON
Related for CVELIST:CVE-2024-26652
redhatcve1ubuntucve1debiancve1vulnrichment1nvd1cve1nessus2osv2