Lucene search
Redhat.comRH:CVE-2024-27392HistoryMay 01, 2024 - 9:58 p.m.
CVE-2024-27392
2024-05-0121:58:22
redhat.com
access.redhat.com
15
linux kernel
vulnerability
double-free
struct nvme_id_ns
kasan
fix
In the Linux kernel, the following vulnerability has been resolved: nvme: host: fix double-free of struct nvme_id_ns in ns_update_nuse() When nvme_identify_ns() fails, it frees the pointer to the struct nvme_id_ns before it returns. However, ns_update_nuse() calls kfree() for the pointer even when nvme_identify_ns() fails. This results in KASAN double-free, which was observed with blktests nvme/045 with proposed patches [1] on the kernel v6.8-rc7. Fix the double-free by skipping kfree() when nvme_identify_ns() fails.
Related
ubuntucve
ubuntucve
CVE-2024-27392
2024-05-01 00:00:00
nvd
nvd
CVE-2024-27392
2024-05-01 13:15:51
debiancve
debiancve
CVE-2024-27392
2024-05-01 13:15:51
cvelist
cvelist
osv
osv
CVE-2024-27392
2024-05-01 13:15:00
linux-azure, linux-gke vulnerabilities
2024-06-14 17:24:38
linux-oracle vulnerabilities
2024-07-04 15:29:41
cve
cve
CVE-2024-27392
2024-05-01 13:15:51
vulnrichment
vulnrichment
ubuntu
ubuntu
Linux kernel vulnerabilities
2024-06-07 00:00:00
Linux kernel vulnerabilities
2024-06-07 00:00:00
Linux kernel (Oracle) vulnerabilities
2024-07-04 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6817-1)
2024-06-10 00:00:00
Ubuntu: Security Advisory (USN-6817-2)
2024-06-11 00:00:00
Ubuntu: Security Advisory (USN-6817-3)
2024-06-17 00:00:00
nessus
nessus
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6817-3)
2024-06-14 00:00:00
Ubuntu 24.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-6878-1)
2024-07-04 00:00:00
Ubuntu 24.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6817-2)
2024-06-10 00:00:00