CVE-2024-36890
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-36890
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-36890.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-36890
- Downstream
- Related
- Published
- 2024-05-30T15:28:57Z
- Modified
- 2025-10-15T11:41:19.988801Z
- Summary
- mm/slab: make __free(kfree) accept error pointers
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
mm/slab: make __free(kfree) accept error pointers
Currently, if an automatically freed allocation is an error pointer that will lead to a crash. An example of this is in wm831xgpiodbg_show().
171 char *label _free(kfree) = gpiochipduplinelabel(chip, i); 172 if (ISERR(label)) { 173 deverr(wm831x->dev, "Failed to duplicate label\n"); 174 continue; 175 }
The auto clean up function should check for error pointers as well, otherwise we're going to keep hitting issues like this.
- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/79cbe0be6c0317b215ddd8bd3e32f0afdac48543
- https://git.kernel.org/stable/c/9f6eb0ab4f95240589ee85fd9886a944cd3645b2
- https://git.kernel.org/stable/c/ac6cf3ce9b7d12acb7b528248df5f87caa25fcdc
- https://git.kernel.org/stable/c/cd7eb8f83fcf258f71e293f7fc52a70be8ed0128
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced3c6cc62ce1265aa5623e2e1b29c0fe258bf6e232Fixed9f6eb0ab4f95240589ee85fd9886a944cd3645b2
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced54da6a0924311c7cf5015533991e44fb8eb12773Fixedac6cf3ce9b7d12acb7b528248df5f87caa25fcdc
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced54da6a0924311c7cf5015533991e44fb8eb12773Fixed79cbe0be6c0317b215ddd8bd3e32f0afdac48543
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced54da6a0924311c7cf5015533991e44fb8eb12773Fixedcd7eb8f83fcf258f71e293f7fc52a70be8ed0128
Affected versions
v6.*
v6.1.79
v6.1.80
v6.1.81
v6.1.82
v6.1.83
v6.1.84
v6.1.85
v6.1.86
v6.1.87
v6.1.88
v6.1.89
v6.1.90
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.4
v6.6.5
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.8.1
v6.8.2
v6.8.3
v6.8.4
v6.8.5
v6.8.6
v6.8.7
v6.8.8
v6.8.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
Database specific
{
"vanir_signatures": [
{
"deprecated": false,
"signature_type": "Line",
"target": {
"file": "include/linux/slab.h"
},
"signature_version": "v1",
"digest": {
"line_hashes": [
"188308084789556458669766080546232350054",
"148381421189978487634238039264344614864",
"112344483279740263806479336609910238234",
"280448661851164575566755577271697913107",
"290308268090824608607408438996521520474",
"14302852062511667412239398278479651226",
"100696942354370133847927382780202133491",
"24102597913220386422697716794280217756"
],
"threshold": 0.9
},
"id": "CVE-2024-36890-61de69dd",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cd7eb8f83fcf258f71e293f7fc52a70be8ed0128"
},
{
"deprecated": false,
"signature_type": "Line",
"target": {
"file": "include/linux/slab.h"
},
"signature_version": "v1",
"digest": {
"line_hashes": [
"188308084789556458669766080546232350054",
"148381421189978487634238039264344614864",
"112344483279740263806479336609910238234",
"280448661851164575566755577271697913107",
"290308268090824608607408438996521520474",
"14302852062511667412239398278479651226",
"100696942354370133847927382780202133491",
"24102597913220386422697716794280217756"
],
"threshold": 0.9
},
"id": "CVE-2024-36890-75d50f47",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@79cbe0be6c0317b215ddd8bd3e32f0afdac48543"
},
{
"deprecated": false,
"signature_type": "Line",
"target": {
"file": "include/linux/slab.h"
},
"signature_version": "v1",
"digest": {
"line_hashes": [
"188308084789556458669766080546232350054",
"148381421189978487634238039264344614864",
"112344483279740263806479336609910238234",
"96123967154636878067169865332781791904"
],
"threshold": 0.9
},
"id": "CVE-2024-36890-8ade6e14",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ac6cf3ce9b7d12acb7b528248df5f87caa25fcdc"
},
{
"deprecated": false,
"signature_type": "Line",
"target": {
"file": "include/linux/slab.h"
},
"signature_version": "v1",
"digest": {
"line_hashes": [
"188308084789556458669766080546232350054",
"148381421189978487634238039264344614864",
"112344483279740263806479336609910238234",
"96123967154636878067169865332781791904"
],
"threshold": 0.9
},
"id": "CVE-2024-36890-b2d801f3",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9f6eb0ab4f95240589ee85fd9886a944cd3645b2"
}
]
}