CVE-2024-35972

Summary

In the Linux kernel, the following vulnerability has been resolved:

bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init()

If ulp = kzalloc() fails, the allocated edev will leak because it is not properly assigned and the cleanup path will not be able to free it. Fix it by assigning it properly immediately after allocation.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux30343221132430c24b468493c861f71e2bad131f < c60ed825530b8c0cc2b524efd39b1d696ec54004affected
LinuxLinux30343221132430c24b468493c861f71e2bad131f < 10a9d6a7513f93d7faffcb341af0aa42be8218feaffected
LinuxLinux30343221132430c24b468493c861f71e2bad131f < 7ac10c7d728d75bc9daaa8fade3c7a3273b9a9ffaffected
LinuxLinux6.3affected
LinuxLinux0 < 6.3unaffected
LinuxLinux6.6.28 <= 6.6.*unaffected
LinuxLinux6.8.7 <= 6.8.*unaffected
LinuxLinux6.9 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References