CVE-2024-50055

Summary

In the Linux kernel, the following vulnerability has been resolved:

driver core: bus: Fix double free in driver API bus_register()

For bus_register(), any error which happens after kset_register() will cause that @priv are freed twice, fixed by setting @priv with NULL after the first free.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux3465e2e4a24eef9bc9f21aa29d83fd7000c1da48 < d885c464c25018b81a6b58f5d548fc2e3ef87dd1affected
LinuxLinux3465e2e4a24eef9bc9f21aa29d83fd7000c1da48 < 9ce15f68abedfae7ae0a35e95895aeddfd0f0c6aaffected
LinuxLinux3465e2e4a24eef9bc9f21aa29d83fd7000c1da48 < bfa54a793ba77ef696755b66f3ac4ed00c7d1248affected
LinuxLinux6.3affected
LinuxLinux0 < 6.3unaffected
LinuxLinux6.6.57 <= 6.6.*unaffected
LinuxLinux6.11.4 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References