CVE-2024-53213 in Linuxالمعلومات

الملخص

بحسب MITRE • 27/12/2024

In the Linux kernel, the following vulnerability has been resolved:

net: usb: lan78xx: Fix double free issue with interrupt buffer allocation

In lan78xx_probe(), the buffer `buf` was being freed twice: once implicitly through `usb_free_urb(dev->urb_intr)` with the `URB_FREE_BUFFER` flag and again explicitly by `kfree(buf)`. This caused a double free issue.

To resolve this, reordered `kmalloc()` and `usb_alloc_urb()` calls to simplify the initialization sequence and removed the redundant `kfree(buf)`. Now, `buf` is allocated after `usb_alloc_urb()`, ensuring it is correctly managed by `usb_fill_int_urb()` and freed by `usb_free_urb()` as intended.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

Linux

حجز

19/11/2024

إفشاء

27/12/2024

الاعتدال

تمت الموافقة

إدخال

VDB-289456

EPSS

0.00013

KEV

لا

النشاطات

منخفض جدًا

القطاع

Finance, Chemical, ...

المصادر

MITREhttps://www.cve.org/CVERecord?id=CVE-2024-53213
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2024-53213
CVE Detailshttps://www.cvedetails.com/cve/CVE-2024-53213/

التالي نظرة عامة السابق

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!