CVE-2024-38617

Summary

In the Linux kernel, the following vulnerability has been resolved:

kunit/fortify: Fix mismatched kvalloc()/vfree() usage

The kv*() family of tests were accidentally freeing with vfree() instead of kvfree(). Use kvfree() instead.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux9124a26401483bf2b13a99cb4317dce3f677060f < 7880dbf4eafe22a6a41a42e774f1122c814ed02daffected
LinuxLinux9124a26401483bf2b13a99cb4317dce3f677060f < 42d21c9727028fe7ee392223ba127484b1b8677eaffected
LinuxLinux9124a26401483bf2b13a99cb4317dce3f677060f < 03758d5a0932016b6d5f5bfbca580177e6bc937aaffected
LinuxLinux9124a26401483bf2b13a99cb4317dce3f677060f < 998b18072ceb0613629c256b409f4d299829c7ecaffected
LinuxLinux6.2affected
LinuxLinux0 < 6.2unaffected
LinuxLinux6.6.33 <= 6.6.*unaffected
LinuxLinux6.8.12 <= 6.8.*unaffected
LinuxLinux6.9.3 <= 6.9.*unaffected
LinuxLinux6.10 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References