CVE-2024-49853

Summary

In the Linux kernel, the following vulnerability has been resolved:

firmware: arm_scmi: Fix double free in OPTEE transport

Channels can be shared between protocols, avoid freeing the same channel descriptors twice when unloading the stack.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux5f90f189a052f6fc46048f6ce29a37b709548b81 < d7f4fc2bc101e666da649605a9ece2bd42529c7aaffected
LinuxLinux5f90f189a052f6fc46048f6ce29a37b709548b81 < 6699567b0bbb378600a4dc0a1f929439a4e84a2caffected
LinuxLinux5f90f189a052f6fc46048f6ce29a37b709548b81 < dc9543a4f2a5498a4a12d6d2427492a6f1a28056affected
LinuxLinux5f90f189a052f6fc46048f6ce29a37b709548b81 < aef6ae124bb3cc12e34430fed91fbb7efd7a444daffected
LinuxLinux5f90f189a052f6fc46048f6ce29a37b709548b81 < e98dba934b2fc587eafb83f47ad64d9053b18ae0affected
LinuxLinux5.18affected
LinuxLinux0 < 5.18unaffected
LinuxLinux6.1.113 <= 6.1.*unaffected
LinuxLinux6.6.54 <= 6.6.*unaffected
LinuxLinux6.10.13 <= 6.10.*unaffected
LinuxLinux6.11.2 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References