7.8

CVE-2024-27433

clk: mediatek: mt7622-apmixedsys: Fix an error handling path in clk_mt8135_apmixed_probe()

In the Linux kernel, the following vulnerability has been resolved:

clk: mediatek: mt7622-apmixedsys: Fix an error handling path in clk_mt8135_apmixed_probe()

'clk_data' is allocated with mtk_devm_alloc_clk_data(). So calling
mtk_free_clk_data() explicitly in the remove function would lead to a
double-free.

Remove the redundant call.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.4 < 6.6.23
LinuxLinux Kernel Version >= 6.7 < 6.7.11
LinuxLinux Kernel Version >= 6.8 < 6.8.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.133
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-415 Double Free

The product calls free() twice on the same memory address.

https://git.kernel.org/stable/c/a32e88f2b20259f5fe4f8eed598bbc85dc4879ed
Patch
https://git.kernel.org/stable/c/de3340533bd68a7b3d6be1841b8eb3fa6c762fe6
Patch
https://git.kernel.org/stable/c/f3633fed984f1db106ff737a0bb52fadb2d89ac7
Patch
https://git.kernel.org/stable/c/fa761ce7a1d15cca1a306b3635f81a22b15fee5b
Patch