CVE-2024-35859
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
block: fix module reference leakage from bdev_open_by_dev error path
At the time bdev_may_open() is called, module reference is grabbed already, hence module reference should be released if bdev_may_open() failed.
This problem is found by code review.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | ed5cc702d311c14b653323d76062b0294effa66e < 0e9327c67410b129bf85e5c3a5aaea518328636f | affected |
| Linux | Linux | ed5cc702d311c14b653323d76062b0294effa66e < 9617cd6f24b294552a817f80f5225431ef67b540 | affected |
| Linux | Linux | 6.8 | affected |
| Linux | Linux | 0 < 6.8 | unaffected |
| Linux | Linux | 6.8.9 <= 6.8.* | unaffected |
| Linux | Linux | 6.9 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/0e9327c67410b129bf85e5c3a5aaea518328636f
- https://git.kernel.org/stable/c/9617cd6f24b294552a817f80f5225431ef67b540
References
- https://git.kernel.org/stable/c/0e9327c67410b129bf85e5c3a5aaea518328636f
- https://git.kernel.org/stable/c/9617cd6f24b294552a817f80f5225431ef67b540
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.