In the Linux kernel, the following vulnerability has been resolved:
usb: misc: ljca: Fix double free in error handling path
When auxiliarydeviceadd() returns error and then calls auxiliarydeviceuninit(), callback function ljcaauxdevrelease calls kfree(auxdev->dev.platformdata) to free the parameter data of the function ljcanewclientdevice. The callers of ljcanewclient_device shouldn't call kfree() again in the error handling path to free the platform data.
Fix this by cleaning up the redundant kfree() in all callers and adding kfree() the passed in platformdata on errors which happen before auxiliarydevice_init() succeeds .