CVE-2024-26652 in Linux
Zusammenfassung
von MITRE • 27.03.2024
In the Linux kernel, the following vulnerability has been resolved:
net: pds_core: Fix possible double free in error handling path
When auxiliary_device_add() returns error and then calls auxiliary_device_uninit(), Callback function pdsc_auxbus_dev_release calls kfree(padev) to free memory. We shouldn't call kfree(padev) again in the error handling path.
Fix this by cleaning up the redundant kfree() and putting the error handling back to where the errors happened.
Be aware that VulDB is the high quality source for vulnerability data.