Lucene search
Redhat.comRH:CVE-2024-35847HistoryMay 18, 2024 - 1:07 a.m.
CVE-2024-35847
2024-05-1801:07:57
redhat.com
access.redhat.com
2
linux kernel
vulnerability
resolved
error handling
double free
irqchip
gic-v3-its
In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Prevent double free on error The error handling path in its_vpe_irq_domain_alloc() causes a double free when its_vpe_init() fails after successfully allocating at least one interrupt. This happens because its_vpe_irq_domain_free() frees the interrupts along with the area bitmap and the vprop_page and its_vpe_irq_domain_alloc() subsequently frees the area bitmap and the vprop_page again. Fix this by unconditionally invoking its_vpe_irq_domain_free() which handles all cases correctly and by removing the bitmap/vprop_page freeing from its_vpe_irq_domain_alloc(). [ tglx: Massaged change log ]
Related
cvelist
cvelist
CVE-2024-35847 irqchip/gic-v3-its: Prevent double free on error
2024-05-17 14:47:26
ubuntucve
ubuntucve
CVE-2024-35847
2024-05-17 00:00:00
vulnrichment
vulnrichment
CVE-2024-35847 irqchip/gic-v3-its: Prevent double free on error
2024-05-17 14:47:26
cve
cve
CVE-2024-35847
2024-05-17 15:15:21
nvd
nvd
CVE-2024-35847
2024-05-17 15:15:21
debiancve
debiancve
CVE-2024-35847
2024-05-17 15:15:21
nessus
nessus
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2008-1)
2024-06-13 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2019-1)
2024-06-14 00:00:00