In the Linux kernel, the following vulnerability has been resolved:
usb: misc: ljca: Fix double free in error handling path
When auxiliary_device_add() returns error and then calls
auxiliary_device_uninit(), callback function ljca_auxdev_release
calls kfree(auxdev->dev.platform_data) to free the parameter data
of the function ljca_new_client_device. The callers of
ljca_new_client_device shouldn't call kfree() again
in the error handling path to free the platform data.
Fix this by cleaning up the redundant kfree() in all callers and
adding kfree() the passed in platform_data on errors which happen
before auxiliary_device_init() succeeds .
Metrics
Affected Vendors & Products
References
History
Tue, 05 Nov 2024 10:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-04-01T08:33:04.200Z
Updated: 2024-12-19T08:44:22.044Z
Reserved: 2024-02-19T14:20:24.144Z
Link: CVE-2024-26653
Vulnrichment
Updated: 2024-08-02T00:07:19.799Z
NVD
Status : Awaiting Analysis
Published: 2024-04-01T09:15:51.010
Modified: 2024-11-21T09:02:46.333
Link: CVE-2024-26653
Redhat