CVE-2024-42123

Published: Jul 30, 2024Modified: Nov 21, 2024

4.4

Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Exploitability: 0.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix double free err_addr pointer warnings In amdgpu_umc_bad_page_polling_timeout, the amdgpu_umc_handle_bad_pages will be run many times so that double free err_addr in some special case. So set the err_addr to NULL to avoid the warnings.

Affected (1)

Products: Linux: Linux Kernel

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Up to 6.9.9

Related CWEs

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

References (4)

https://git.kernel.org/stable/c/506c245f3f1cd989cb89811a7f06e04ff8813a0d

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/8e24beb3c2b08a4763f920399a9cc577ed440a1a

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/506c245f3f1cd989cb89811a7f06e04ff8813a0d

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/8e24beb3c2b08a4763f920399a9cc577ed440a1a

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

Timeline

No history available yet.