CVE-2024-50159

Summary

In the Linux kernel, the following vulnerability has been resolved:

firmware: arm_scmi: Fix the double free in scmi_debugfs_common_setup()

Clang static checker(scan-build) throws below warning: | drivers/firmware/arm_scmi/driver.c:line 2915, column 2 | Attempt to free released memory.

When devm_add_action_or_reset() fails, scmi_debugfs_common_cleanup() will run twice which causes double free of 'dbg->name'.

Remove the redundant scmi_debugfs_common_cleanup() to fix this problem.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxc3d4aed763ce4a39f8ed36c7b7cd9a6a35971329 < 6d91d07913aee90556362d648d6a28a1eda419dcaffected
LinuxLinuxc3d4aed763ce4a39f8ed36c7b7cd9a6a35971329 < fb324fdaf546bf14bc4c17e0037bca6cb952b121affected
LinuxLinuxc3d4aed763ce4a39f8ed36c7b7cd9a6a35971329 < 39b13dce1a91cdfc3bec9238f9e89094551bd428affected
LinuxLinux6.3affected
LinuxLinux0 < 6.3unaffected
LinuxLinux6.6.59 <= 6.6.*unaffected
LinuxLinux6.11.6 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

References