mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-19 17:30:12 +00:00
1.1 KiB
1.1 KiB
CVE-2024-26653
Description
In the Linux kernel, the following vulnerability has been resolved:usb: misc: ljca: Fix double free in error handling pathWhen auxiliary_device_add() returns error and then callsauxiliary_device_uninit(), callback function ljca_auxdev_releasecalls kfree(auxdev->dev.platform_data) to free the parameter dataof the function ljca_new_client_device. The callers ofljca_new_client_device shouldn't call kfree() againin the error handling path to free the platform data.Fix this by cleaning up the redundant kfree() in all callers andadding kfree() the passed in platform_data on errors which happenbefore auxiliary_device_init() succeeds .
POC
Reference
No PoCs from references.