Ubuntu.comUB:CVE-2024-36890CVE-2024-36890
In the Linux kernel, the following vulnerability has been resolved:
mm/slab: make __free(kfree) accept error pointers Currently, if an
automatically freed allocation is an error pointer that will lead to a
crash. An example of this is in wm831x_gpio_dbg_show(). 171 char *label
__free(kfree) = gpiochip_dup_line_label(chip, i); 172 if (IS_ERR(label)) {
173 dev_err(wm831x->dev, “Failed to duplicate label\n”); 174 continue; 175
} The auto clean up function should check for error pointers as well,
otherwise we’re going to keep hitting issues like this.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 24.04 | noarch | linux | < any | UNKNOWN |
| ubuntu | 24.04 | noarch | linux-aws | < any | UNKNOWN |
| ubuntu | 22.04 | noarch | linux-aws-6.5 | < any | UNKNOWN |
| ubuntu | 24.04 | noarch | linux-azure | < any | UNKNOWN |
| ubuntu | 22.04 | noarch | linux-azure-6.5 | < any | UNKNOWN |
| ubuntu | 24.04 | noarch | linux-gcp | < any | UNKNOWN |
| ubuntu | 22.04 | noarch | linux-gcp-6.5 | < any | UNKNOWN |
| ubuntu | 24.04 | noarch | linux-gke | < any | UNKNOWN |
| ubuntu | 24.04 | noarch | linux-ibm | < any | UNKNOWN |
| ubuntu | 24.04 | noarch | linux-intel | < any | UNKNOWN |
References
git.kernel.org/linus/cd7eb8f83fcf258f71e293f7fc52a70be8ed0128 (6.9)
git.kernel.org/stable/c/79cbe0be6c0317b215ddd8bd3e32f0afdac48543
git.kernel.org/stable/c/9f6eb0ab4f95240589ee85fd9886a944cd3645b2
git.kernel.org/stable/c/ac6cf3ce9b7d12acb7b528248df5f87caa25fcdc
git.kernel.org/stable/c/cd7eb8f83fcf258f71e293f7fc52a70be8ed0128
launchpad.net/bugs/cve/CVE-2024-36890
nvd.nist.gov/vuln/detail/CVE-2024-36890
security-tracker.debian.org/tracker/CVE-2024-36890
www.cve.org/CVERecord?id=CVE-2024-36890
Related
