| { |
| "containers": { |
| "cna": { |
| "providerMetadata": { |
| "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038" |
| }, |
| "descriptions": [ |
| { |
| "lang": "en", |
| "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: rawnand: fix double free in atmel_pmecc_create_user()\n\nThe \"user\" pointer was converted from being allocated with kzalloc() to\nbeing allocated by devm_kzalloc(). Calling kfree(user) will lead to a\ndouble free." |
| } |
| ], |
| "affected": [ |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "unaffected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "drivers/mtd/nand/raw/atmel/pmecc.c" |
| ], |
| "versions": [ |
| { |
| "version": "22fbbc37edb840fd420fadf670366be9bf028426", |
| "lessThan": "ca9818554b0f33e87f38e4bfa2dac056692d46cc", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "54cb5fa850f9306d84e49a3db44b7a7eb5536cd1", |
| "lessThan": "1562871ef613fa9492aa0310933eff785166a90e", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "5fe7709251e334cc27618473299c48340cecd3c8", |
| "lessThan": "3d825a241e65f7e3072978729e79d735ec40b80e", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "24cbc37e837fd9e31e5024480b779207d1d99f1d", |
| "lessThan": "6ea15205d7e2b811fbbdf79783f686f58abfb4b7", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "f1290871c8aaeb13029390a2b6e5c05733a1be6f", |
| "lessThan": "dd45c87782738715d5e7c167f8dabf0814a7394a", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "8ac19ec818c548c5788da5926dcc8af96fad4bb1", |
| "lessThan": "d2f090ea57f8d6587e09d4066f740a8617767b3d", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "6d734f1bfc336aaea91313a5632f2f197608fadd", |
| "lessThan": "d8e4771f99c0400a1873235704b28bb803c83d17", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "2014fcea19ec27df033359a0f42db0e8ed4290a8", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "bdd11a04d102f8310812aa7cec39545fdd6662d1", |
| "status": "affected", |
| "versionType": "git" |
| } |
| ] |
| }, |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "unaffected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "drivers/mtd/nand/raw/atmel/pmecc.c" |
| ], |
| "versions": [ |
| { |
| "version": "5.4.287", |
| "lessThan": "5.4.289", |
| "status": "affected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.10.231", |
| "lessThan": "5.10.233", |
| "status": "affected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.15.174", |
| "lessThan": "5.15.176", |
| "status": "affected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.1.120", |
| "lessThan": "6.1.123", |
| "status": "affected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.6.64", |
| "lessThan": "6.6.69", |
| "status": "affected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.12.2", |
| "lessThan": "6.12.8", |
| "status": "affected", |
| "versionType": "semver" |
| } |
| ] |
| } |
| ], |
| "cpeApplicability": [ |
| { |
| "nodes": [ |
| { |
| "operator": "OR", |
| "negate": false, |
| "cpeMatch": [ |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.4.287", |
| "versionEndExcluding": "5.4.289" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.10.231", |
| "versionEndExcluding": "5.10.233" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.15.174", |
| "versionEndExcluding": "5.15.176" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "6.1.120", |
| "versionEndExcluding": "6.1.123" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "6.6.64", |
| "versionEndExcluding": "6.6.69" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "6.12.2", |
| "versionEndExcluding": "6.12.8" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.19.325" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "6.11.11" |
| } |
| ] |
| } |
| ] |
| } |
| ], |
| "references": [ |
| { |
| "url": "https://git.kernel.org/stable/c/ca9818554b0f33e87f38e4bfa2dac056692d46cc" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/1562871ef613fa9492aa0310933eff785166a90e" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/3d825a241e65f7e3072978729e79d735ec40b80e" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/6ea15205d7e2b811fbbdf79783f686f58abfb4b7" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/dd45c87782738715d5e7c167f8dabf0814a7394a" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/d2f090ea57f8d6587e09d4066f740a8617767b3d" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/d8e4771f99c0400a1873235704b28bb803c83d17" |
| } |
| ], |
| "title": "mtd: rawnand: fix double free in atmel_pmecc_create_user()", |
| "x_generator": { |
| "engine": "bippy-1.2.0" |
| } |
| } |
| }, |
| "cveMetadata": { |
| "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038", |
| "cveID": "CVE-2024-56766", |
| "requesterUserId": "gregkh@kernel.org", |
| "serial": "1", |
| "state": "PUBLISHED" |
| }, |
| "dataType": "CVE_RECORD", |
| "dataVersion": "5.0" |
| } |
