CVE-2024-46673

Summary

In the Linux kernel, the following vulnerability has been resolved:

scsi: aacraid: Fix double-free on probe failure

aac_probe_one() calls hardware-specific init functions through the aac_driver_ident::init pointer, all of which eventually call down to aac_init_adapter().

If aac_init_adapter() fails after allocating memory for aac_dev::queues, it frees the memory but does not clear that member.

After the hardware-specific init function returns an error, aac_probe_one() goes down an error path that frees the memory pointed to by aac_dev::queues, resulting.in a double-free.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux8e0c5ebde82b08f6d996e11983890fc4cc085fab < d237c7d06ffddcdb5d36948c527dc01284388218affected
LinuxLinux8e0c5ebde82b08f6d996e11983890fc4cc085fab < 564e1986b00c5f05d75342f8407f75f0a17b94dfaffected
LinuxLinux8e0c5ebde82b08f6d996e11983890fc4cc085fab < 9e96dea7eff6f2bbcd0b42a098012fc66af9eb69affected
LinuxLinux8e0c5ebde82b08f6d996e11983890fc4cc085fab < 85449b28ff6a89c4513115e43ddcad949b5890c9affected
LinuxLinux8e0c5ebde82b08f6d996e11983890fc4cc085fab < 60962c3d8e18e5d8dfa16df788974dd7f35bd87aaffected
LinuxLinux8e0c5ebde82b08f6d996e11983890fc4cc085fab < 8a3995a3ffeca280a961b59f5c99843d81b15929affected
LinuxLinux8e0c5ebde82b08f6d996e11983890fc4cc085fab < 4b540ec7c0045c2d01c4e479f34bbc8f147afa4caffected
LinuxLinux8e0c5ebde82b08f6d996e11983890fc4cc085fab < 919ddf8336f0b84c0453bac583808c9f165a85c2affected
LinuxLinux2.6.15affected
LinuxLinux0 < 2.6.15unaffected
LinuxLinux4.19.321 <= 4.19.*unaffected
LinuxLinux5.4.283 <= 5.4.*unaffected
LinuxLinux5.10.225 <= 5.10.*unaffected
LinuxLinux5.15.166 <= 5.15.*unaffected
LinuxLinux6.1.108 <= 6.1.*unaffected
LinuxLinux6.6.49 <= 6.6.*unaffected
LinuxLinux6.10.8 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References