CVE-2023-52664

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-52664
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-52664.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-52664
Downstream
Related
Published
2024-05-17T13:45:05.545Z
Modified
2026-03-14T12:23:13.622909Z
Summary
net: atlantic: eliminate double free in error handling logic
Details

In the Linux kernel, the following vulnerability has been resolved:

net: atlantic: eliminate double free in error handling logic

Driver has a logic leak in ring data allocation/free, where aqringfree could be called multiple times on same ring, if system is under stress and got memory allocation error.

Ring pointer was used as an indicator of failure, but this is not correct since only ring data is allocated/deallocated. Ring itself is an array member.

Changing ring allocation functions to return error code directly. This simplifies error handling and eliminates aqringfree on higher layer.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52664.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
018423e90bee8978105eaaa265a26e70637f9f1e
Fixed
0edb3ae8bfa31cd544b0c195bdec00e036002b5d
Fixed
c11a870a73a3bc4cc7df6dd877a45b181795fcbf
Fixed
d1fde4a7e1dcc4d49cce285107a7a43c3030878d
Fixed
b3cb7a830a24527877b0bc900b9bd74a96aea928

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-52664.json"