CVE-2024-42138

In the Linux kernel, the following vulnerability has been resolved: mlxsw: core_linecards: Fix double memory deallocation in case of invalid INI file In case of invalid INI file mlxsw_linecard_types_init() deallocates memory but doesn't reset pointer to NULL and returns 0. In case of any error occurred after mlxsw_linecard_types_init() call, mlxsw_linecards_init() calls mlxsw_linecard_types_fini() which performs memory deallocation again. Add pointer reset to NULL. Found by Linux Verification Center (linuxtesting.org) with SVACE.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/8ce34dccbe8fa7d2ef86f2d8e7db2a9b67cabfc3	Patch
https://git.kernel.org/stable/c/9af7437669b72f804fc4269f487528dbbed142a2	Patch
https://git.kernel.org/stable/c/ab557f5cd993a3201b09593633d04b891263d5c0	Patch
https://git.kernel.org/stable/c/f8b55a465b0e8a500179808166fe9420f5c091a1	Patch
https://git.kernel.org/stable/c/8ce34dccbe8fa7d2ef86f2d8e7db2a9b67cabfc3	Patch
https://git.kernel.org/stable/c/9af7437669b72f804fc4269f487528dbbed142a2	Patch
https://git.kernel.org/stable/c/ab557f5cd993a3201b09593633d04b891263d5c0	Patch
https://git.kernel.org/stable/c/f8b55a465b0e8a500179808166fe9420f5c091a1	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.10:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.10:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.10:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.10:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.10:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.10:rc6::::::

History

11 Dec 2024, 15:11

Type	Values Removed	Values Added
First Time		Linux linux Kernel Linux
CWE		CWE-415
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.8
CPE		cpe:2.3:o:linux:linux_kernel:6.10:rc6:::::: cpe:2.3:o:linux:linux_kernel:6.10:rc5:::::: cpe:2.3:o:linux:linux_kernel:6.10:rc1:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.10:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.10:rc4:::::: cpe:2.3:o:linux:linux_kernel:6.10:rc3::::::
References	~~() https://git.kernel.org/stable/c/8ce34dccbe8fa7d2ef86f2d8e7db2a9b67cabfc3 -~~	() https://git.kernel.org/stable/c/8ce34dccbe8fa7d2ef86f2d8e7db2a9b67cabfc3 - Patch
References	~~() https://git.kernel.org/stable/c/9af7437669b72f804fc4269f487528dbbed142a2 -~~	() https://git.kernel.org/stable/c/9af7437669b72f804fc4269f487528dbbed142a2 - Patch
References	~~() https://git.kernel.org/stable/c/ab557f5cd993a3201b09593633d04b891263d5c0 -~~	() https://git.kernel.org/stable/c/ab557f5cd993a3201b09593633d04b891263d5c0 - Patch
References	~~() https://git.kernel.org/stable/c/f8b55a465b0e8a500179808166fe9420f5c091a1 -~~	() https://git.kernel.org/stable/c/f8b55a465b0e8a500179808166fe9420f5c091a1 - Patch

21 Nov 2024, 09:33

Type	Values Removed	Values Added
References	~~() https://git.kernel.org/stable/c/8ce34dccbe8fa7d2ef86f2d8e7db2a9b67cabfc3 -~~	() https://git.kernel.org/stable/c/8ce34dccbe8fa7d2ef86f2d8e7db2a9b67cabfc3 -
References	~~() https://git.kernel.org/stable/c/9af7437669b72f804fc4269f487528dbbed142a2 -~~	() https://git.kernel.org/stable/c/9af7437669b72f804fc4269f487528dbbed142a2 -
References	~~() https://git.kernel.org/stable/c/ab557f5cd993a3201b09593633d04b891263d5c0 -~~	() https://git.kernel.org/stable/c/ab557f5cd993a3201b09593633d04b891263d5c0 -
References	~~() https://git.kernel.org/stable/c/f8b55a465b0e8a500179808166fe9420f5c091a1 -~~	() https://git.kernel.org/stable/c/f8b55a465b0e8a500179808166fe9420f5c091a1 -

30 Jul 2024, 13:32

Type	Values Removed	Values Added
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mlxsw: core_linecards: corrige la doble desasignación de memoria en caso de un archivo INI no válido En caso de un archivo INI no válido, mlxsw_linecard_types_init() desasigna la memoria pero no restablece el puntero a NULL y devuelve 0. En caso de que se produzca algún error después de la llamada a mlxsw_linecard_types_init(), mlxsw_linecards_init() llama a mlxsw_linecard_types_fini(), que realiza la desasignación de memoria nuevamente. Agregue el reinicio del puntero a NULL. Encontrado por el Centro de verificación de Linux (linuxtesting.org) con SVACE.

30 Jul 2024, 08:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-07-30 08:15

Updated : 2024-12-11 15:11

NVD link : CVE-2024-42138

Mitre link : CVE-2024-42138

CVE.ORG link : CVE-2024-42138

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-415

Double Free

7.8 /10