CVE-2024-35828
Published: May 18, 2024Last modified: May 18, 2024
Description
In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() In the for statement of lbs_allocate_cmd_buffer(), if the allocation of cmdarray[i].cmdbuf fails, both cmdarray and cmdarray[i].cmdbuf needs to be freed. Otherwise, there will be memleaks in lbs_allocate_cmd_buffer().
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 5.5 |
| Attack Vector | LOCAL |
| Attack complexity | LOW |
| Privileges required | LOW |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | NONE |
| Integrity impact | NONE |
| Availability impact | HIGH |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | linux-lts | Fixed (6.1.89-r0) |
| Stream | linux-lts | Fixed (6.6.58-r0) |
References
- https://git.kernel.org/stable/c/4d99d267da3415db2124029cb5a6d2d955ca43f9
- https://git.kernel.org/stable/c/5f0e4aede01cb01fa633171f0533affd25328c3a
- https://git.kernel.org/stable/c/8e243ac649c10922a6b4855170eaefe4c5b3faab
- https://git.kernel.org/stable/c/96481624fb5a6319079fb5059e46dbce43a90186
- https://git.kernel.org/stable/c/bea9573c795acec5614d4ac2dcc7b3b684cea5bf
- https://git.kernel.org/stable/c/d219724d4b0ddb8ec7dfeaed5989f23edabaf591
- https://git.kernel.org/stable/c/da10f6b7918abd5b4bc5c9cb66f0fc6763ac48f3
- https://git.kernel.org/stable/c/e888c4461e109f7b93c3522afcbbaa5a8fdf29d2
- https://git.kernel.org/stable/c/f0dd27314c7afe34794c2aa19dd6f2d30eb23bc7
- https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html