CVE-2024-35859

Summary

In the Linux kernel, the following vulnerability has been resolved:

block: fix module reference leakage from bdev_open_by_dev error path

At the time bdev_may_open() is called, module reference is grabbed already, hence module reference should be released if bdev_may_open() failed.

This problem is found by code review.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxed5cc702d311c14b653323d76062b0294effa66e < 0e9327c67410b129bf85e5c3a5aaea518328636faffected
LinuxLinuxed5cc702d311c14b653323d76062b0294effa66e < 9617cd6f24b294552a817f80f5225431ef67b540affected
LinuxLinux6.8affected
LinuxLinux0 < 6.8unaffected
LinuxLinux6.8.9 <= 6.8.*unaffected
LinuxLinux6.9 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References