5.3
CVE-2024-35835
- EPSS 0.16%
- Veröffentlicht 17.05.2024 14:15:20
- Zuletzt bearbeitet 07.04.2025 19:05:53
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
net/mlx5e: fix a double-free in arfs_create_groups
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a double-free in arfs_create_groups When `in` allocated by kvzalloc fails, arfs_create_groups will free ft->g and return an error. However, arfs_create_table, the only caller of arfs_create_groups, will hold this error and call to mlx5e_destroy_flow_table, in which the ft->g will be freed again.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.7 < 4.19.307
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.269
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.210
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.149
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.76
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.15
Linux ≫ Linux Kernel Version >= 6.7 < 6.7.3
Linux ≫ Linux Kernel Version6.8 Updaterc1
Debian ≫ Debian Linux Version10.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.16% | 0.371 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
CWE-415 Double Free
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.