CVE-2024-56766

Summary

In the Linux kernel, the following vulnerability has been resolved:

mtd: rawnand: fix double free in atmel_pmecc_create_user()

The "user" pointer was converted from being allocated with kzalloc() to being allocated by devm_kzalloc(). Calling kfree(user) will lead to a double free.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux22fbbc37edb840fd420fadf670366be9bf028426 < ca9818554b0f33e87f38e4bfa2dac056692d46ccaffected
LinuxLinux54cb5fa850f9306d84e49a3db44b7a7eb5536cd1 < 1562871ef613fa9492aa0310933eff785166a90eaffected
LinuxLinux5fe7709251e334cc27618473299c48340cecd3c8 < 3d825a241e65f7e3072978729e79d735ec40b80eaffected
LinuxLinux24cbc37e837fd9e31e5024480b779207d1d99f1d < 6ea15205d7e2b811fbbdf79783f686f58abfb4b7affected
LinuxLinuxf1290871c8aaeb13029390a2b6e5c05733a1be6f < dd45c87782738715d5e7c167f8dabf0814a7394aaffected
LinuxLinux8ac19ec818c548c5788da5926dcc8af96fad4bb1 < d2f090ea57f8d6587e09d4066f740a8617767b3daffected
LinuxLinux6d734f1bfc336aaea91313a5632f2f197608fadd < d8e4771f99c0400a1873235704b28bb803c83d17affected
LinuxLinux2014fcea19ec27df033359a0f42db0e8ed4290a8affected
LinuxLinuxbdd11a04d102f8310812aa7cec39545fdd6662d1affected
LinuxLinux4.19.325 < 4.20affected
LinuxLinux6.11.11 < 6.12affected
LinuxLinux5.4.287 < 5.4.289affected
LinuxLinux5.10.231 < 5.10.233affected
LinuxLinux5.15.174 < 5.15.176affected
LinuxLinux6.1.120 < 6.1.123affected
LinuxLinux6.6.64 < 6.6.69affected
LinuxLinux6.12.2 < 6.12.8affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References