CVE-2024-26839

Published: Apr 17, 2024Modified: Jan 14, 2025

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix a memleak in init_credit_return When dma_alloc_coherent fails to allocate dd->cr_base[i].va, init_credit_return should deallocate dd->cr_base and dd->cr_base[i] that allocated before. Or those resources would be never freed and a memleak is triggered.

Affected (13)

Products: Linux: Linux Kernel · Debian: Debian Linux

1 product

1 product

Configuration A

12 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 4.20 to 5.4.270
Linux Linux Kernel	From 4.3 to 4.19.308
Linux Linux Kernel	From 5.11 to 5.15.150
Linux Linux Kernel	From 5.16 to 6.1.80
Linux Linux Kernel	From 5.5 to 5.10.211
Linux Linux Kernel	From 6.2 to 6.6.19
Linux Linux Kernel	From 6.7 to 6.7.7
Linux Linux Kernel	Version 6.8 rc1
Linux Linux Kernel	Version 6.8 rc2
Linux Linux Kernel	Version 6.8 rc3
Linux Linux Kernel	Version 6.8 rc4
Linux Linux Kernel	Version 6.8 rc5

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 10.0

Related CWEs

Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References (18)

https://git.kernel.org/stable/c/2e4f9f20b32658ef3724aa46f7aef4908d2609e3

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/3fa240bb6b2dbb3e7a3ee1440a4889cbb6207eb7

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/52de5805c147137205662af89ed7e083d656ae25

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/809aa64ebff51eb170ee31a95f83b2d21efa32e2

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/8412c86e89cc78d8b513cb25cf2157a2adf3670a

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/b41d0ade0398007fb746213f09903d52a920e896

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/cecfb90cf71d91e9efebd68b9e9b84661b277cc8

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/f0d857ce31a6bc7a82afcdbadb8f7417d482604b

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/2e4f9f20b32658ef3724aa46f7aef4908d2609e3

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/3fa240bb6b2dbb3e7a3ee1440a4889cbb6207eb7

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/52de5805c147137205662af89ed7e083d656ae25

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/809aa64ebff51eb170ee31a95f83b2d21efa32e2

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/8412c86e89cc78d8b513cb25cf2157a2adf3670a

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/b41d0ade0398007fb746213f09903d52a920e896

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/cecfb90cf71d91e9efebd68b9e9b84661b277cc8

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/f0d857ce31a6bc7a82afcdbadb8f7417d482604b

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List

https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List

Timeline

No history available yet.