CVE-2024-26866

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-26866
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-26866.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-26866
Downstream
Related
Published
2024-04-17T11:15:09Z
Modified
2025-08-09T19:01:26Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

spi: lpspi: Avoid potential use-after-free in probe()

fsllpspiprobe() is allocating/disposing memory manually with spiallochost()/spialloctarget(), but uses devmspiregistercontroller(). In case of error after the latter call the memory will be explicitly freed in the probe function by spicontrollerput() call, but used afterwards by "devm" management outside probe() (spiunregistercontroller() <- devmspi_unregister() below).

Unable to handle kernel NULL pointer dereference at virtual address 0000000000000070 ... Call trace: kernfsfindns kernfsfindandgetns sysfsremovegroup sysfsremovegroups deviceremoveattrs devicedel spiunregistercontroller devmspiunregister releasenodes devresreleaseall reallyprobe driverprobedevice _deviceattachdriver busforeachdrv _deviceattach deviceinitialprobe busprobedevice deferredprobeworkfunc processonework workerthread kthread retfrom_fork

References

Affected packages