CVE-2024-36890

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-36890
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-36890.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-36890
Published
2024-05-30T15:28:57Z
Modified
2025-10-15T11:41:19.988801Z
Summary
mm/slab: make __free(kfree) accept error pointers
Details

In the Linux kernel, the following vulnerability has been resolved:

mm/slab: make __free(kfree) accept error pointers

Currently, if an automatically freed allocation is an error pointer that will lead to a crash. An example of this is in wm831x_gpio_dbg_show().

    char *label __free(kfree) = gpiochip_dup_line_label(chip, i);
    if (IS_ERR(label)) {
        dev_err(wm831x->dev, "Failed to duplicate label\n");
        continue;
    }

The auto clean up function should check for error pointers as well, otherwise we're going to keep hitting issues like this.
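
The failure mode described above, as an added user-space model (not kernel code and not part of the original commit): it uses the GCC/Clang `cleanup` attribute that `__free()` builds on and compares a scope-exit handler that checks only for NULL with one that also rejects error pointers. The names `model_kfree`, `dup_label`, `AUTO_FREE`, `free_null_only` and `free_err_aware` are hypothetical, and `model_kfree` counts a bad free instead of crashing.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* User-space stand-ins for the kernel's ERR_PTR()/IS_ERR() helpers. */
#define MAX_ERRNO 4095
static void *ERR_PTR(long err) { return (void *)(intptr_t)err; }
static int IS_ERR(const void *p) { return (uintptr_t)p >= (uintptr_t)-MAX_ERRNO; }
static int IS_ERR_OR_NULL(const void *p) { return !p || IS_ERR(p); }

static int bad_frees; /* error pointers that reached the allocator */
/* Stand-in for kfree(): counts an error pointer instead of crashing on it. */
static void model_kfree(void *p) { if (IS_ERR(p)) bad_frees++; else free(p); }

/* Scope-exit handlers; the compiler passes the address of the variable. */
static void free_null_only(void *pp) { void *p = *(void **)pp; if (p) model_kfree(p); }
static void free_err_aware(void *pp) { void *p = *(void **)pp; if (!IS_ERR_OR_NULL(p)) model_kfree(p); }
#define AUTO_FREE(fn) __attribute__((cleanup(fn)))

/* Hypothetical allocator: fails with ERR_PTR(-ENOMEM) for odd i. */
static void *dup_label(int i) { return (i & 1) ? ERR_PTR(-ENOMEM) : malloc(16); }

/* Same loop shape as the excerpt, with a NULL-only cleanup check. */
int walk_null_only(int n)
{
    bad_frees = 0;
    for (int i = 0; i < n; i++) {
        void *label AUTO_FREE(free_null_only) = dup_label(i);
        if (IS_ERR(label)) continue; /* leaving the scope still runs the handler */
    }
    return bad_frees;
}

/* Identical loop, but the handler also rejects error pointers. */
int walk_err_aware(int n)
{
    bad_frees = 0;
    for (int i = 0; i < n; i++) {
        void *label AUTO_FREE(free_err_aware) = dup_label(i);
        if (IS_ERR(label)) continue;
    }
    return bad_frees;
}

int main(void)
{
    printf("null-only: %d bad frees, err-aware: %d\n", walk_null_only(4), walk_err_aware(4));
    return 0;
}
```

The caller's `IS_ERR()` check does not help in the first loop: `continue` leaves the variable's scope, so the handler runs on the error pointer anyway.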

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
3c6cc62ce1265aa5623e2e1b29c0fe258bf6e232
Fixed
9f6eb0ab4f95240589ee85fd9886a944cd3645b2
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
54da6a0924311c7cf5015533991e44fb8eb12773
Fixed
ac6cf3ce9b7d12acb7b528248df5f87caa25fcdc
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
54da6a0924311c7cf5015533991e44fb8eb12773
Fixed
79cbe0be6c0317b215ddd8bd3e32f0afdac48543
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
54da6a0924311c7cf5015533991e44fb8eb12773
Fixed
cd7eb8f83fcf258f71e293f7fc52a70be8ed0128

Affected versions

v6.*

v6.1.79
v6.1.80
v6.1.81
v6.1.82
v6.1.83
v6.1.84
v6.1.85
v6.1.86
v6.1.87
v6.1.88
v6.1.89
v6.1.90
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.4
v6.6.5
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.8.1
v6.8.2
v6.8.3
v6.8.4
v6.8.5
v6.8.6
v6.8.7
v6.8.8
v6.8.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
6.1.91
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.31
Type
ECOSYSTEM
Events
Introduced
6.5.0
Fixed
6.8.10