CVE-2024-42147

Summary

In the Linux kernel, the following vulnerability has been resolved:

crypto: hisilicon/debugfs - Fix debugfs uninit process issue

During the zip probe process, the debugfs failure does not stop the probe. When debugfs initialization fails, jumping to the error branch will also release regs, in addition to its own rollback operation.

As a result, it may be released repeatedly during the regs uninit process. Therefore, the null check needs to be added to the regs uninit process.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux263c9959c9376ec0217d6adc61222a53469eed3c < eda60520cfe3aba9f088c68ebd5bcbca9fc6ac3caffected
LinuxLinux263c9959c9376ec0217d6adc61222a53469eed3c < 7fc8d9a525b5c3f8dfa5ed50901e764d8ede7e1eaffected
LinuxLinux263c9959c9376ec0217d6adc61222a53469eed3c < e0a2d2df9ba7bd6bd7e0a9b6a5e3894f7e8445b3affected
LinuxLinux263c9959c9376ec0217d6adc61222a53469eed3c < 8be0913389718e8d27c4f1d4537b5e1b99ed7739affected
LinuxLinux5.4affected
LinuxLinux0 < 5.4unaffected
LinuxLinux6.1.98 <= 6.1.*unaffected
LinuxLinux6.6.39 <= 6.6.*unaffected
LinuxLinux6.9.9 <= 6.9.*unaffected
LinuxLinux6.10 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References