CVE-2024-42138

July 30, 2024, 1:32 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: mlxsw: core_linecards: Fix double memory deallocation in case of invalid INI file In case of invalid INI file mlxsw_linecard_types_init() deallocates memory but doesn't reset pointer to NULL and returns 0. In case of any error occurred after mlxsw_linecard_types_init() call, mlxsw_linecards_init() calls mlxsw_linecard_types_fini() which performs memory deallocation again. Add pointer reset to NULL. Found by Linux Verification Center (linuxtesting.org) with SVACE.

Product(s) Impacted

Product Versions
Linux kernel

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/8ce34dccbe8fa7d2ef86f2d8e7db2a9b67cabfc3
https://git.kernel.org/stable/c/9af7437669b72f804fc4269f487528dbbed142a2
https://git.kernel.org/stable/c/ab557f5cd993a3201b09593633d04b891263d5c0
https://git.kernel.org/stable/c/f8b55a465b0e8a500179808166fe9420f5c091a1

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-07-30
CVE-2024-42138

Timeline

Published: July 30, 2024, 8:15 a.m.
Last Modified: July 30, 2024, 1:32 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.