7.8

CVE-2024-26694

EPSS 0.01%
Published 03.04.2024 15:15:52
Last modified 07.01.2025 20:53:53
Source 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Open
Login

In the Linux kernel, the following vulnerability has been resolved:

wifi: iwlwifi: fix double-free bug

The storage for the TLV PC register data wasn't done like all
the other storage in the drv->fw area, which is cleared at the
end of deallocation. Therefore, the freeing must also be done
differently, explicitly NULL'ing it out after the free, since
otherwise there's a nasty double-free bug here if a file fails
to load after this has been parsed, and we get another free
later (e.g. because no other file exists.) Fix that by adding
the missing NULL assignment.

Affected products Warnungen 0 Metrics 2 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 6.4 < 6.6.18

Linux ≫ Linux Kernel Version >= 6.7 < 6.7.6

Linux ≫ Linux Kernel Version6.8 Updaterc1

Linux ≫ Linux Kernel Version6.8 Updaterc2

Linux ≫ Linux Kernel Version6.8 Updaterc3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.01%	0.013

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-415 Double Free

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

https://git.kernel.org/stable/c/353d321f63f7dbfc9ef58498cc732c9fe886a596

Patch

https://git.kernel.org/stable/c/ab9d4bb9a1892439b3123fc52b19e32b9cdf80ad

Patch

https://git.kernel.org/stable/c/d24eb9a27bea8fe5237fa71be274391d9d51eff2

Patch

https://nvd.nist.gov/vuln/detail/CVE-2024-26694

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-26694

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-26694

EUVD