In the Linux kernel, the following vulnerability has been resolved:
fs: sysfs: Fix reference leak in sysfs_break_active_protection()
The sysfs_break_active_protection() routine has an obvious reference
leak in its error path. If the call to kernfs_find_and_get() fails then
kn will be NULL, so the companion sysfs_unbreak_active_protection()
routine won't get called (and would only cause an access violation by
trying to dereference kn->parent if it was called). As a result, the
reference to kobj acquired at the start of the function will never be
released.
Fix the leak by adding an explicit kobject_put() call when kn is NULL.
Metrics
Affected Vendors & Products
References
History
Mon, 23 Dec 2024 21:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Linux
Linux linux Kernel |
|
Weaknesses | NVD-CWE-Other | |
CPEs | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:* |
|
Vendors & Products |
Linux
Linux linux Kernel |
Thu, 19 Dec 2024 09:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 24 Sep 2024 06:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:rhel_tus:8.4::nfv cpe:/o:redhat:rhel_aus:8.4 cpe:/o:redhat:rhel_e4s:8.4 cpe:/o:redhat:rhel_tus:8.4 |
Fri, 06 Sep 2024 14:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/o:redhat:rhel_eus:8.8 |
Tue, 13 Aug 2024 23:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:rhel_e4s:9.0 |
Tue, 13 Aug 2024 06:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:rhel_e4s:9.0::nfv |
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-05-01T05:28:02.462Z
Updated: 2024-12-19T08:51:56.257Z
Reserved: 2024-02-19T14:20:24.206Z
Link: CVE-2024-26993
Vulnrichment
Updated: 2024-08-02T00:21:05.900Z
NVD
Status : Analyzed
Published: 2024-05-01T06:15:17.110
Modified: 2024-12-23T20:43:56.733
Link: CVE-2024-26993
Redhat