CVE-2024-36030

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-36030
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-36030.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-36030
Published
2024-05-30T15:19:43.693Z
Modified
2025-11-20T04:02:13.471294Z
Severity
  • 7.1 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Summary
octeontx2-af: fix the double free in rvu_npc_freemem()
Details

In the Linux kernel, the following vulnerability has been resolved:

octeontx2-af: fix the double free in rvu_npc_freemem()

Clang static checker(scan-build) warning: drivers/net/ethernet/marvell/octeontx2/af/rvu_npc.c:line 2184, column 2 Attempt to free released memory.

npc_mcam_rsrcs_deinit() has released 'mcam->counters.bmap'. Deleted this redundant kfree() to fix this double free problem.

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
dd7842878633453e38d6a4927593dd28b9d8ab91
Fixed
f5aa87a2c0a72132ffc793fb0a5375b2a65d520a
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
dd7842878633453e38d6a4927593dd28b9d8ab91
Fixed
6e965eba43e9724f3e603d7b7cc83e53b23d155e

Affected versions

v6.*

v6.7
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.8.1
v6.8.2
v6.8.3
v6.8.4
v6.8.5
v6.8.6
v6.8.7
v6.8.8
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4

Database specific

vanir_signatures

[
    {
        "signature_type": "Line",
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "253451595888892017903794377247739299923",
                "317037613288403633337937961972949321910",
                "253294501722055674525859926734828598232",
                "102159607711505171285926133639593506384"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "drivers/net/ethernet/marvell/octeontx2/af/rvu_npc.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6e965eba43e9724f3e603d7b7cc83e53b23d155e",
        "signature_version": "v1",
        "id": "CVE-2024-36030-13ba065f"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "digest": {
            "length": 340.0,
            "function_hash": "148782009153414248398923975847244835240"
        },
        "target": {
            "file": "drivers/net/ethernet/marvell/octeontx2/af/rvu_npc.c",
            "function": "rvu_npc_freemem"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6e965eba43e9724f3e603d7b7cc83e53b23d155e",
        "signature_version": "v1",
        "id": "CVE-2024-36030-7461f559"
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.8.0
Fixed
6.8.9