In the Linux kernel, the following vulnerability has been resolved:
net/mlx5e: fix a double-free in arfscreategroups
When in
allocated by kvzalloc fails, arfscreategroups will free
ft->g and return an error. However, arfscreatetable, the only caller of
arfscreategroups, will hold this error and call to
mlx5edestroyflow_table, in which the ft->g will be freed again.