7.8

CVE-2024-46673

scsi: aacraid: Fix double-free on probe failure

In the Linux kernel, the following vulnerability has been resolved:

scsi: aacraid: Fix double-free on probe failure

aac_probe_one() calls hardware-specific init functions through the
aac_driver_ident::init pointer, all of which eventually call down to
aac_init_adapter().

If aac_init_adapter() fails after allocating memory for aac_dev::queues,
it frees the memory but does not clear that member.

After the hardware-specific init function returns an error,
aac_probe_one() goes down an error path that frees the memory pointed to
by aac_dev::queues, resulting.in a double-free.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.15 < 4.19.321
LinuxLinux Kernel Version >= 4.20 < 5.4.283
LinuxLinux Kernel Version >= 5.5 < 5.10.225
LinuxLinux Kernel Version >= 5.11 < 5.15.166
LinuxLinux Kernel Version >= 5.16 < 6.1.108
LinuxLinux Kernel Version >= 6.2 < 6.6.49
LinuxLinux Kernel Version >= 6.7 < 6.10.8
LinuxLinux Kernel Version6.11 Updaterc1
LinuxLinux Kernel Version6.11 Updaterc2
LinuxLinux Kernel Version6.11 Updaterc3
LinuxLinux Kernel Version6.11 Updaterc4
LinuxLinux Kernel Version6.11 Updaterc5
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.29% 0.207
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-415 Double Free

The product calls free() twice on the same memory address.

https://git.kernel.org/stable/c/4b540ec7c0045c2d01c4e479f34bbc8f147afa4c
Patch
https://git.kernel.org/stable/c/564e1986b00c5f05d75342f8407f75f0a17b94df
Patch
https://git.kernel.org/stable/c/60962c3d8e18e5d8dfa16df788974dd7f35bd87a
Patch
https://git.kernel.org/stable/c/85449b28ff6a89c4513115e43ddcad949b5890c9
Patch
https://git.kernel.org/stable/c/8a3995a3ffeca280a961b59f5c99843d81b15929
Patch
https://git.kernel.org/stable/c/919ddf8336f0b84c0453bac583808c9f165a85c2
Patch
https://git.kernel.org/stable/c/9e96dea7eff6f2bbcd0b42a098012fc66af9eb69
Patch
https://git.kernel.org/stable/c/d237c7d06ffddcdb5d36948c527dc01284388218
Patch
https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html