7.8
CVE-2024-27433
- EPSS 0.23%
- Veröffentlicht 17.05.2024 13:15:57
- Zuletzt bearbeitet 03.02.2025 16:19:12
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
clk: mediatek: mt7622-apmixedsys: Fix an error handling path in clk_mt8135_apmixed_probe()
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: mt7622-apmixedsys: Fix an error handling path in clk_mt8135_apmixed_probe() 'clk_data' is allocated with mtk_devm_alloc_clk_data(). So calling mtk_free_clk_data() explicitly in the remove function would lead to a double-free. Remove the redundant call.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.4 < 6.6.23
Linux ≫ Linux Kernel Version >= 6.7 < 6.7.11
Linux ≫ Linux Kernel Version >= 6.8 < 6.8.2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.133 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-415 Double Free
The product calls free() twice on the same memory address.
https://git.kernel.org/stable/c/a32e88f2b20259f5fe4f8eed598bbc85dc4879ed
https://git.kernel.org/stable/c/de3340533bd68a7b3d6be1841b8eb3fa6c762fe6
https://git.kernel.org/stable/c/f3633fed984f1db106ff737a0bb52fadb2d89ac7
https://git.kernel.org/stable/c/fa761ce7a1d15cca1a306b3635f81a22b15fee5b