Lucene search

Debian Security Bug TrackerDEBIANCVE:CVE-2024-27392

HistoryMay 01, 2024 - 1:15 p.m.

CVE-2024-27392

2024-05-0113:15:51

Debian Security Bug Tracker

security-tracker.debian.org

cve-2024-27392

linux kernel

vulnerability

nvme

double-free

struct

nvme_id_ns

ns_update_nuse

kasan

blktests

kernel v6.8-rc7

patches

AI Score

6.5

Confidence

Low

EPSS

Percentile

9.0%

JSON

In the Linux kernel, the following vulnerability has been resolved: nvme: host: fix double-free of struct nvme_id_ns in ns_update_nuse() When nvme_identify_ns() fails, it frees the pointer to the struct nvme_id_ns before it returns. However, ns_update_nuse() calls kfree() for the pointer even when nvme_identify_ns() fails. This results in KASAN double-free, which was observed with blktests nvme/045 with proposed patches [1] on the kernel v6.8-rc7. Fix the double-free by skipping kfree() when nvme_identify_ns() fails.

OSVersionArchitecturePackageVersionFilename
Debian12alllinux< 6.1.106-3linux_6.1.106-3_all.deb
Debian11alllinux< 5.10.223-1linux_5.10.223-1_all.deb
Debian999alllinux< 6.10.11-1linux_6.10.11-1_all.deb
Debian13alllinux< 6.10.11-1linux_6.10.11-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	linux	< 6.1.106-3	linux_6.1.106-3_all.deb
Debian	11	all	linux	< 5.10.223-1	linux_5.10.223-1_all.deb
Debian	999	all	linux	< 6.10.11-1	linux_6.10.11-1_all.deb
Debian	13	all	linux	< 6.10.11-1	linux_6.10.11-1_all.deb