In the Linux kernel, the following vulnerability has been resolved: net: pds_core: Fix possible double free in error handling path When auxiliary_device_add() returns error and then calls auxiliary_device_uninit(), Callback function pdsc_auxbus_dev_release calls kfree(padev) to free memory. We shouldn't call kfree(padev) again in the error handling path. Fix this by cleaning up the redundant kfree() and putting the error handling back to where the errors happened.
History

Mon, 04 Nov 2024 20:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 6.7, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}

cvssV3_1

{'score': 4.1, 'vector': 'CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L'}


Mon, 12 Aug 2024 15:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

cvssV3_1

{'score': 6.7, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-03-27T13:53:20.726Z

Updated: 2024-12-19T08:44:20.759Z

Reserved: 2024-02-19T14:20:24.144Z

Link: CVE-2024-26652

cve-icon Vulnrichment

Updated: 2024-08-02T00:07:19.705Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-03-27T14:15:10.297

Modified: 2024-11-21T09:02:46.153

Link: CVE-2024-26652

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-03-27T00:00:00Z

Links: CVE-2024-26652 - Bugzilla