CVE-2024-42138 in Linuxinfo

Summary

by MITRE • 07/30/2024

In the Linux kernel, the following vulnerability has been resolved:

mlxsw: core_linecards: Fix double memory deallocation in case of invalid INI file

In case of invalid INI file mlxsw_linecard_types_init() deallocates memory but doesn't reset pointer to NULL and returns 0. In case of any error occurred after mlxsw_linecard_types_init() call, mlxsw_linecards_init() calls mlxsw_linecard_types_fini() which performs memory deallocation again.

Add pointer reset to NULL.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Analysis

by VulDB Data Team • 07/19/2025

The vulnerability identified as CVE-2024-42138 resides within the Linux kernel's mlxsw driver, specifically in the core linecards subsystem responsible for managing Mellanox switch hardware components. This issue manifests as a double memory deallocation condition that occurs when processing invalid INI configuration files during the initialization of line card types. The flaw represents a classic memory safety issue that can lead to system instability and potential security implications within kernel space operations.

The technical implementation of this vulnerability stems from improper memory management practices within the mlxsw_linecard_types_init() function which handles the initialization of line card types for Mellanox switch hardware. When an invalid INI file is encountered, the function properly deallocates memory resources but fails to reset the associated pointer to NULL value. This omission creates a dangerous scenario where subsequent error handling code paths can attempt to deallocate the same memory region twice. The mlxsw_linecards_init() function, which orchestrates the overall initialization process, calls mlxsw_linecard_types_fini() upon encountering errors, resulting in the second deallocation of already freed memory.

The operational impact of this vulnerability extends beyond simple memory corruption, potentially enabling attackers to exploit the double free condition for privilege escalation or system compromise. When the kernel encounters an invalid INI file during switch hardware initialization, the improper memory handling can cause the system to behave unpredictably, potentially leading to kernel panics, denial of service conditions, or in worst-case scenarios, arbitrary code execution within kernel space. This vulnerability affects systems running Linux kernels with Mellanox switch driver support, particularly those managing network infrastructure equipment that relies on proper INI file configuration for hardware initialization.

The root cause of this vulnerability aligns with CWE-415, which describes the double free condition where a program frees the same memory block twice. This classification indicates the fundamental flaw in memory management where the same pointer is passed to free() function multiple times without proper nullification between deallocations. The vulnerability was discovered through systematic kernel verification conducted by the Linux Verification Center using SVACE static analysis tools, highlighting the importance of automated security testing in kernel development. Mitigation strategies should involve updating to kernel versions that include the fix implementing proper pointer nullification after memory deallocation, ensuring that subsequent deallocation attempts on the same memory region are prevented through proper state management.

This vulnerability demonstrates the critical importance of memory safety practices in kernel development, where improper resource management can create exploitable conditions. The fix requires resetting the pointer to NULL immediately after the first memory deallocation in mlxsw_linecard_types_init() to prevent the subsequent call to mlxsw_linecard_types_fini() from attempting to deallocate the same memory region. The remediation aligns with established security best practices for kernel memory management and represents a straightforward but essential correction to prevent memory safety violations that could be leveraged for system compromise. Organizations maintaining Linux-based network infrastructure should prioritize patching systems running affected kernel versions to prevent exploitation of this double free condition that could impact network switch operations and overall system stability.

Responsible

Linux

Reservation

07/29/2024

Disclosure

07/30/2024

Moderation

accepted

CPE

ready

EPSS

0.00234

KEV

no

Activities

very low

Sources

Do you want to use VulDB in your project?

Use the official API to access entries easily!