mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-28 18:48:49 +00:00
1.3 KiB
1.3 KiB
CVE-2024-56745
Description
In the Linux kernel, the following vulnerability has been resolved:PCI: Fix reset_method_store() memory leakIn reset_method_store(), a string is allocated via kstrndup() and assignedto the local "options". options is then used in with strsep() to findspaces: while ((name = strsep(&options, " ")) != NULL) {If there are no remaining spaces, then options is set to NULL by strsep(),so the subsequent kfree(options) doesn't free the memory allocated viakstrndup().Fix by using a separate tmp_options to iterate with strsep() so options ispreserved.
POC
Reference
No PoCs from references.