In the Linux kernel, the following vulnerability has been resolved:
dmaengine: ti: k3-udma-glue: Fix of_k3_udma_glue_parse_chn_by_id()
The of_k3_udma_glue_parse_chn_by_id() helper function erroneously
invokes “of_node_put()” on the “udmax_np” device-node passed to it,
without having incremented its reference count at any point. Fix it.
git.kernel.org/linus/ba27e9d2207784da748b19170a2e56bd7770bd81 (6.10-rc5)
git.kernel.org/stable/c/a5ab5f413d1e4c7ed5f64271b025f0726374509e
git.kernel.org/stable/c/ba27e9d2207784da748b19170a2e56bd7770bd81
launchpad.net/bugs/cve/CVE-2024-40991
nvd.nist.gov/vuln/detail/CVE-2024-40991
security-tracker.debian.org/tracker/CVE-2024-40991
www.cve.org/CVERecord?id=CVE-2024-40991