Products
Linux Kernel
linux_kernel
- *
linux_kernel
- 6
- .
- 1
- 1
Source
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Tags
CVE-2024-46673 details
Last Modified : Sept. 13, 2024, 4:51 p.m.
Description
In the Linux kernel, the following vulnerability has been resolved: scsi: aacraid: Fix double-free on probe failure aac_probe_one() calls hardware-specific init functions through the aac_driver_ident::init pointer, all of which eventually call down to aac_init_adapter(). If aac_init_adapter() fails after allocating memory for aac_dev::queues, it frees the memory but does not clear that member. After the hardware-specific init function returns an error, aac_probe_one() goes down an error path that frees the memory pointed to by aac_dev::queues, resulting.in a double-free.
CVSS Score
| 1 | 2 | 3 | 4 | 5 | 6 | 7.8 | 8 | 9 | 10 |
|---|
Weakness
| Weakness | Name | Description |
|---|---|---|
| CWE-415 | Double Free | The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations. |
CVSS Data
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
7.8
Exploitability Score
1.8
Impact Score
5.9
Base Severity
HIGH
Vector String : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References
| URL | Source |
|---|---|
| https://git.kernel.org/stable/c/4b540ec7c0045c2d01c4e479f34bbc8f147afa4c | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
| https://git.kernel.org/stable/c/564e1986b00c5f05d75342f8407f75f0a17b94df | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
| https://git.kernel.org/stable/c/60962c3d8e18e5d8dfa16df788974dd7f35bd87a | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
| https://git.kernel.org/stable/c/85449b28ff6a89c4513115e43ddcad949b5890c9 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
| https://git.kernel.org/stable/c/8a3995a3ffeca280a961b59f5c99843d81b15929 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
| https://git.kernel.org/stable/c/919ddf8336f0b84c0453bac583808c9f165a85c2 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
| https://git.kernel.org/stable/c/9e96dea7eff6f2bbcd0b42a098012fc66af9eb69 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
| https://git.kernel.org/stable/c/d237c7d06ffddcdb5d36948c527dc01284388218 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
CPEs
| Type | Vendor | Product | Version | Update | Edition | Language | Software Edition | Target Software | Target Hardware | Other Information |
|---|---|---|---|---|---|---|---|---|---|---|
| o | linux | linux_kernel | / | / | / | / | / | / | / | / |
| o | linux | linux_kernel | / | / | / | / | / | / | / | / |
| o | linux | linux_kernel | / | / | / | / | / | / | / | / |
| o | linux | linux_kernel | / | / | / | / | / | / | / | / |
| o | linux | linux_kernel | / | / | / | / | / | / | / | / |
| o | linux | linux_kernel | / | / | / | / | / | / | / | / |
| o | linux | linux_kernel | / | / | / | / | / | / | / | / |
| o | linux | linux_kernel | 6.11 | rc1 | / | / | / | / | / | / |
| o | linux | linux_kernel | 6.11 | rc2 | / | / | / | / | / | / |
| o | linux | linux_kernel | 6.11 | rc3 | / | / | / | / | / | / |
| o | linux | linux_kernel | 6.11 | rc4 | / | / | / | / | / | / |
| o | linux | linux_kernel | 6.11 | rc5 | / | / | / | / | / | / |