CVE-2024-35847

2024-05-1700:00:00

ubuntu.com

linux kernel

vulnerability

resolved

error handling

double free

irqchip

gic-v3-its

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.0%

JSON

In the Linux kernel, the following vulnerability has been resolved:
irqchip/gic-v3-its: Prevent double free on error The error handling path in
its_vpe_irq_domain_alloc() causes a double free when its_vpe_init() fails
after successfully allocating at least one interrupt. This happens because
its_vpe_irq_domain_free() frees the interrupts along with the area bitmap
and the vprop_page and its_vpe_irq_domain_alloc() subsequently frees the
area bitmap and the vprop_page again. Fix this by unconditionally invoking
its_vpe_irq_domain_free() which handles all cases correctly and by removing
the bitmap/vprop_page freeing from its_vpe_irq_domain_alloc(). [ tglx:
Massaged change log ]

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< anyUNKNOWN
ubuntu20.04noarchlinux< anyUNKNOWN
ubuntu22.04noarchlinux< anyUNKNOWN
ubuntu23.10noarchlinux< anyUNKNOWN
ubuntu24.04noarchlinux< anyUNKNOWN
ubuntu14.04noarchlinux< anyUNKNOWN
ubuntu16.04noarchlinux< anyUNKNOWN
ubuntu18.04noarchlinux-aws< anyUNKNOWN
ubuntu20.04noarchlinux-aws< anyUNKNOWN
ubuntu22.04noarchlinux-aws< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	linux	< any	UNKNOWN
ubuntu	20.04	noarch	linux	< any	UNKNOWN
ubuntu	22.04	noarch	linux	< any	UNKNOWN
ubuntu	23.10	noarch	linux	< any	UNKNOWN
ubuntu	24.04	noarch	linux	< any	UNKNOWN
ubuntu	14.04	noarch	linux	< any	UNKNOWN
ubuntu	16.04	noarch	linux	< any	UNKNOWN
ubuntu	18.04	noarch	linux-aws	< any	UNKNOWN
ubuntu	20.04	noarch	linux-aws	< any	UNKNOWN
ubuntu	22.04	noarch	linux-aws	< any	UNKNOWN