CVE-2024-41073

Summary

In the Linux kernel, the following vulnerability has been resolved:

nvme: avoid double free special payload

If a discard request needs to be retried, and that retry may fail before a new special payload is added, a double free will result. Clear the RQF_SPECIAL_LOAD when the request is cleaned.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxf9d03f96b988002027d4b28ea1b7a24729a4c9b5 < 882574942a9be8b9d70d13462ddacc80c4b385baaffected
LinuxLinuxf9d03f96b988002027d4b28ea1b7a24729a4c9b5 < c5942a14f795de957ae9d66027aac8ff4fe70057affected
LinuxLinuxf9d03f96b988002027d4b28ea1b7a24729a4c9b5 < f3ab45aacd25d957547fb6d115c1574c20964b3baffected
LinuxLinuxf9d03f96b988002027d4b28ea1b7a24729a4c9b5 < ae84383c96d6662c24697ab6b44aae855ab670aaaffected
LinuxLinuxf9d03f96b988002027d4b28ea1b7a24729a4c9b5 < 1b9fd1265fac85916f90b4648de02adccdb7220baffected
LinuxLinuxf9d03f96b988002027d4b28ea1b7a24729a4c9b5 < e5d574ab37f5f2e7937405613d9b1a724811e5adaffected
LinuxLinux4.10affected
LinuxLinux0 < 4.10unaffected
LinuxLinux5.10.237 <= 5.10.*unaffected
LinuxLinux5.15.164 <= 5.15.*unaffected
LinuxLinux6.1.101 <= 6.1.*unaffected
LinuxLinux6.6.42 <= 6.6.*unaffected
LinuxLinux6.9.11 <= 6.9.*unaffected
LinuxLinux6.10 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References