Описание
In the Linux kernel, the following vulnerability has been resolved:
stm class: Fix a double free in stm_register_device()
The put_device(&stm->dev) call will trigger stm_device_release() which
frees "stm" so the vfree(stm) on the next line is a double free.
A vulnerability was found in the Linux kernel's stm class, where an improper memory management sequence in stm_register_device() could lead to a double-free error. This issue occurs when the put_device(&stm->dev) call triggers stm_device_release() to free "stm", making the subsequent vfree(stm) call redundant and potentially harmful.
Отчет
Red Hat assesses the impact of this vulnerability as Low because this flaw can be mitigated by blocklisting a kernel module that is not typically used in production systems, and an attacker would need elevated privileges to have complete control over the consequences of the memory corruption caused by this issue.
Меры по смягчению последствий
To mitigate this issue, prevent the stm kernel module from being loaded. See https://access.redhat.com/solutions/41278 for information about how to prevent kernel modules from being loaded automatically.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel | Out of support scope | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Out of support scope | ||
| Red Hat Enterprise Linux 9 | kernel-rt | Affected | ||
| Red Hat Enterprise Linux 8 | kernel-rt | Fixed | RHSA-2024:5102 | 08.08.2024 |
| Red Hat Enterprise Linux 8 | kernel | Fixed | RHSA-2024:5101 | 08.08.2024 |
| Red Hat Enterprise Linux 9 | kernel | Fixed | RHSA-2024:9315 | 12.11.2024 |
| Red Hat Enterprise Linux 9 | kernel | Fixed | RHSA-2024:9315 | 12.11.2024 |
| Red Hat Enterprise Linux 9.2 Extended Update Support | kernel | Fixed | RHSA-2024:5364 | 14.08.2024 |
| Red Hat Enterprise Linux 9.2 Extended Update Support | kernel-rt | Fixed | RHSA-2024:5365 | 14.08.2024 |
Показывать по
Дополнительная информация
Статус:
EPSS
5.6 Medium
CVSS3
Связанные уязвимости
In the Linux kernel, the following vulnerability has been resolved: stm class: Fix a double free in stm_register_device() The put_device(&stm->dev) call will trigger stm_device_release() which frees "stm" so the vfree(stm) on the next line is a double free.
In the Linux kernel, the following vulnerability has been resolved: stm class: Fix a double free in stm_register_device() The put_device(&stm->dev) call will trigger stm_device_release() which frees "stm" so the vfree(stm) on the next line is a double free.
In the Linux kernel, the following vulnerability has been resolved: s ...
In the Linux kernel, the following vulnerability has been resolved: stm class: Fix a double free in stm_register_device() The put_device(&stm->dev) call will trigger stm_device_release() which frees "stm" so the vfree(stm) on the next line is a double free.
Уязвимость функции stm_register_device() драйвера трассировки System Trace Module (STM) ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
EPSS
5.6 Medium
CVSS3