CVE-2024-36940

Published: May 30, 2024Modified: May 12, 2026

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: pinctrl: core: delete incorrect free in pinctrl_enable() The "pctldev" struct is allocated in devm_pinctrl_register_and_init(). It's a devm_ managed pointer that is freed by devm_pinctrl_dev_release(), so freeing it in pinctrl_enable() will lead to a double free. The devm_pinctrl_dev_release() function frees the pindescs and destroys the mutex as well.

Affected (14)

Products: Linux: Linux Kernel · Debian: Debian Linux

1 product

1 product

Configuration A

13 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 4.11 to 4.19.314
Linux Linux Kernel	From 4.20 to 5.4.276
Linux Linux Kernel	From 5.11 to 5.15.159
Linux Linux Kernel	From 5.16 to 6.1.91
Linux Linux Kernel	From 5.5 to 5.10.217
Linux Linux Kernel	From 6.2 to 6.6.31
Linux Linux Kernel	From 6.7 to 6.8.10
Linux Linux Kernel	Version 6.9 rc1
Linux Linux Kernel	Version 6.9 rc2
Linux Linux Kernel	Version 6.9 rc3
Linux Linux Kernel	Version 6.9 rc4
Linux Linux Kernel	Version 6.9 rc5
Linux Linux Kernel	Version 6.9 rc6

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 10.0

Related CWEs

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

References (20)

https://git.kernel.org/stable/c/288bc4aa75f150d6f1ee82dd43c6da1b438b6068

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/41f88ef8ba387a12f4a2b8c400b6c9e8e54b2cca

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/5038a66dad0199de60e5671603ea6623eb9e5c79

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/558c8039fdf596a584a92c171cbf3298919c448c

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/735f4c6b6771eafe336404c157ca683ad72a040d

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/ac7d65795827dc0cf7662384ed27caf4066bd72e

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/cdaa171473d98962ae86f2a663d398fda2fbeefd

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/f9f1e321d53e4c5b666b66e5b43da29841fb55ba

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/288bc4aa75f150d6f1ee82dd43c6da1b438b6068

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/41f88ef8ba387a12f4a2b8c400b6c9e8e54b2cca

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/5038a66dad0199de60e5671603ea6623eb9e5c79

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/558c8039fdf596a584a92c171cbf3298919c448c

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/735f4c6b6771eafe336404c157ca683ad72a040d

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/ac7d65795827dc0cf7662384ed27caf4066bd72e

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/cdaa171473d98962ae86f2a663d398fda2fbeefd

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/f9f1e321d53e4c5b666b66e5b43da29841fb55ba

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List

https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List

https://cert-portal.siemens.com/productcert/html/ssa-265688.html

Source: 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e

https://cert-portal.siemens.com/productcert/html/ssa-613116.html

Source: 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e

Timeline

No history available yet.