GHSA-5r7w-j22r-58j4

Опубликовано: 06 янв. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 7.8

Описание

In the Linux kernel, the following vulnerability has been resolved:

mtd: rawnand: fix double free in atmel_pmecc_create_user()

The "user" pointer was converted from being allocated with kzalloc() to being allocated by devm_kzalloc(). Calling kfree(user) will lead to a double free.

In the Linux kernel, the following vulnerability has been resolved:

mtd: rawnand: fix double free in atmel_pmecc_create_user()

The "user" pointer was converted from being allocated with kzalloc() to being allocated by devm_kzalloc(). Calling kfree(user) will lead to a double free.

Ссылки

EPSS

Процентиль: 8%

0.00033

Низкий

7.8 High

CVSS3

CVE ID

CVE-2024-56766

Дефекты

CWE-415

Связанные уязвимости

CVE-2024-56766

CVSS3: 7.8

ubuntu

5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fix double free in atmel_pmecc_create_user() The "user" pointer was converted from being allocated with kzalloc() to being allocated by devm_kzalloc(). Calling kfree(user) will lead to a double free.