mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-30 18:56:19 +00:00
1.3 KiB
1.3 KiB
CVE-2024-53191
Description
In the Linux kernel, the following vulnerability has been resolved:wifi: ath12k: fix warning when unbindingIf there is an error during some initialization related to firmware,the buffers dp->tx_ring[i].tx_status are released.However this is released again when the device is unbinded (ath12k_pci),and we get:WARNING: CPU: 0 PID: 2098 at mm/slub.c:4689 free_large_kmalloc+0x4d/0x80Call Trace:free_large_kmallocath12k_dp_freeath12k_core_deinitath12k_pci_remove...The issue is always reproducible from a VM because the MSI addressinginitialization is failing.In order to fix the issue, just set the buffers to NULL after releasing inorder to avoid the double free.
POC
Reference
No PoCs from references.