cve/2024/CVE-2024-56745.md

### [CVE-2024-56745](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56745)
![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=5.15%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=d88f521da3efd698e36d0d504a2abba6ac4f5ef8%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue)

### Description

In the Linux kernel, the following vulnerability has been resolved:PCI: Fix reset_method_store() memory leakIn reset_method_store(), a string is allocated via kstrndup() and assignedto the local "options". options is then used in with strsep() to findspaces:  while ((name = strsep(&options, " ")) != NULL) {If there are no remaining spaces, then options is set to NULL by strsep(),so the subsequent kfree(options) doesn't free the memory allocated viakstrndup().Fix by using a separate tmp_options to iterate with strsep() so options ispreserved.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/cku-heise/euvd-api-doc
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://github.com/w4zu/Debian_security