CVE-2024-43871

Summary

In the Linux kernel, the following vulnerability has been resolved:

devres: Fix memory leakage caused by driver API devm_free_percpu()

It will cause memory leakage when use driver API devm_free_percpu() to free memory allocated by devm_alloc_percpu(), fixed by using devres_release() instead of devres_destroy() within devm_free_percpu().

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxff86aae3b4112b85d2231c23bccbc49589df1c06 < 700e8abd65b10792b2f179ce4e858f2ca2880f85affected
LinuxLinuxff86aae3b4112b85d2231c23bccbc49589df1c06 < b044588a16a978cd891cb3d665dd7ae06850d5bfaffected
LinuxLinuxff86aae3b4112b85d2231c23bccbc49589df1c06 < ef56dcdca8f2a53abc3a83d388b8336447533d85affected
LinuxLinuxff86aae3b4112b85d2231c23bccbc49589df1c06 < 3047f99caec240a88ccd06197af2868da1af6a96affected
LinuxLinuxff86aae3b4112b85d2231c23bccbc49589df1c06 < 3dcd0673e47664bc6c719ad47dadac6d55d5950daffected
LinuxLinuxff86aae3b4112b85d2231c23bccbc49589df1c06 < b67552d7c61f52f1271031adfa7834545ae99701affected
LinuxLinuxff86aae3b4112b85d2231c23bccbc49589df1c06 < 95065edb8ebb27771d5f1e898eef6ab43dc6c87caffected
LinuxLinuxff86aae3b4112b85d2231c23bccbc49589df1c06 < bd50a974097bb82d52a458bd3ee39fb723129a0caffected
LinuxLinux4.10affected
LinuxLinux0 < 4.10unaffected
LinuxLinux4.19.320 <= 4.19.*unaffected
LinuxLinux5.4.282 <= 5.4.*unaffected
LinuxLinux5.10.224 <= 5.10.*unaffected
LinuxLinux5.15.165 <= 5.15.*unaffected
LinuxLinux6.1.103 <= 6.1.*unaffected
LinuxLinux6.6.44 <= 6.6.*unaffected
LinuxLinux6.10.3 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

Additional References

References