[<prev] [next>] [day] [month] [year] [list]
Message-ID: <2024051756-CVE-2024-27433-42fb@gregkh>
Date: Fri, 17 May 2024 14:08:59 +0200
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-cve-announce@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: CVE-2024-27433: clk: mediatek: mt7622-apmixedsys: Fix an error handling path in clk_mt8135_apmixed_probe()
Description
===========
In the Linux kernel, the following vulnerability has been resolved:
clk: mediatek: mt7622-apmixedsys: Fix an error handling path in clk_mt8135_apmixed_probe()
'clk_data' is allocated with mtk_devm_alloc_clk_data(). So calling
mtk_free_clk_data() explicitly in the remove function would lead to a
double-free.
Remove the redundant call.
The Linux kernel CVE team has assigned CVE-2024-27433 to this issue.
Affected and fixed versions
===========================
Issue introduced in 6.4 with commit c50e2ea6507b and fixed in 6.6.23 with commit de3340533bd6
Issue introduced in 6.4 with commit c50e2ea6507b and fixed in 6.7.11 with commit f3633fed984f
Issue introduced in 6.4 with commit c50e2ea6507b and fixed in 6.8.2 with commit fa761ce7a1d1
Issue introduced in 6.4 with commit c50e2ea6507b and fixed in 6.9 with commit a32e88f2b202
Please see https://www.kernel.org for a full list of currently supported
kernel versions by the kernel community.
Unaffected versions might change over time as fixes are backported to
older supported kernel versions. The official CVE entry at
https://cve.org/CVERecord/?id=CVE-2024-27433
will be updated if fixes are backported, please check that for the most
up to date information about this issue.
Affected files
==============
The file(s) affected by this issue are:
drivers/clk/mediatek/clk-mt7622-apmixedsys.c
Mitigation
==========
The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes. Individual
changes are never tested alone, but rather are part of a larger kernel
release. Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all. If however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:
https://git.kernel.org/stable/c/de3340533bd68a7b3d6be1841b8eb3fa6c762fe6
https://git.kernel.org/stable/c/f3633fed984f1db106ff737a0bb52fadb2d89ac7
https://git.kernel.org/stable/c/fa761ce7a1d15cca1a306b3635f81a22b15fee5b
https://git.kernel.org/stable/c/a32e88f2b20259f5fe4f8eed598bbc85dc4879ed
Powered by blists - more mailing lists