CVE-2024-56546

EPSS 0.02%
Veröffentlicht 27.12.2024 14:15:34
Zuletzt bearbeitet 03.11.2025 21:17:53
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

drivers: soc: xilinx: add the missing kfree in xlnx_add_cb_for_suspend()

In the Linux kernel, the following vulnerability has been resolved:

drivers: soc: xilinx: add the missing kfree in xlnx_add_cb_for_suspend()

If we fail to allocate memory for cb_data by kmalloc, the memory
allocation for eve_data is never freed, add the missing kfree()
in the error handling path.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 9

NVD 4 VulnDex Vulnerability Enrichment 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 5.19 < 6.1.120

Linux ≫ Linux Kernel Version >= 6.2 < 6.6.64

Linux ≫ Linux Kernel Version >= 6.7 < 6.11.11

Linux ≫ Linux Kernel Version >= 6.12 < 6.12.2

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.06

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/272168927f38bda46f6c1ed5f40de97689e7a5d2

Patch

https://git.kernel.org/stable/c/44ed4f90a97ff6f339e50ac01db71544e0990efc

Patch

https://git.kernel.org/stable/c/584d420771e1ad2bb74e19a19da8ae0fee0a6e1f

Patch

https://git.kernel.org/stable/c/5a3bda42394ff137eb2d3d3d20d2956a8c6e9237

Patch

https://git.kernel.org/stable/c/882d7afaa4b82c20a7be7a3a039532a80ebacd23

Patch

https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html

https://nvd.nist.gov/vuln/detail/CVE-2024-56546