CVE-2024-26829 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: media: ir_toy: fix a memleak in irtoy_tx When irtoy_command fails, buf should be freed since it is allocated by irtoy_tx, or there is a memleak.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/207557e393a135c1b6fe1df7cc0741d2c1789fff
https://git.kernel.org/stable/c/486a4176bc783df798bce2903824801af8d2c3ae
https://git.kernel.org/stable/c/7219a692ffc00089015ada33b85b334d1a4b6e8e
https://git.kernel.org/stable/c/b37259448bbc70af1d0e52a9dd5559a9c29c9621
https://git.kernel.org/stable/c/be76ad74a43f90f340f9f479e6b04f02125f6aef
https://git.kernel.org/stable/c/dc9ceb90c4b42c6e5c6757df1d6257110433788e
https://nvd.nist.gov/vuln/detail/CVE-2024-26829
https://www.cve.org/CVERecord?id=CVE-2024-26829

History

Thu, 12 Sep 2024 08:30:00 +0000

Type	Values Removed	Values Added
Metrics	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 11 Sep 2024 13:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-04-17T10:03:13.088Z

Updated: 2024-11-05T09:16:32.795Z

Reserved: 2024-02-19T14:20:24.181Z

Link: CVE-2024-26829

Vulnrichment

Updated: 2024-08-02T00:14:13.642Z

NVD

Status : Awaiting Analysis

Published: 2024-04-17T10:15:09.347

Modified: 2024-04-17T12:48:07.510

Link: CVE-2024-26829

Redhat

Severity : Low

Publid Date: 2024-04-17T00:00:00Z

Links: CVE-2024-26829 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-26829", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-19T14:20:24.181Z", "datePublished": "2024-04-17T10:03:13.088Z", "dateUpdated": "2024-11-05T09:16:32.795Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:16:32.795Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: ir_toy: fix a memleak in irtoy_tx\n\nWhen irtoy_command fails, buf should be freed since it is allocated by\nirtoy_tx, or there is a memleak."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/media/rc/ir_toy.c"], "versions": [{"version": "4114978dcd24", "lessThan": "486a4176bc78", "status": "affected", "versionType": "git"}, {"version": "a4ac45aff8d3", "lessThan": "207557e393a1", "status": "affected", "versionType": "git"}, {"version": "4114978dcd24", "lessThan": "be76ad74a43f", "status": "affected", "versionType": "git"}, {"version": "4114978dcd24", "lessThan": "7219a692ffc0", "status": "affected", "versionType": "git"}, {"version": "4114978dcd24", "lessThan": "b37259448bbc", "status": "affected", "versionType": "git"}, {"version": "4114978dcd24", "lessThan": "dc9ceb90c4b4", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/media/rc/ir_toy.c"], "versions": [{"version": "5.16", "status": "affected"}, {"version": "0", "lessThan": "5.16", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.210", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.149", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.79", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.18", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7.6", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/486a4176bc783df798bce2903824801af8d2c3ae"}, {"url": "https://git.kernel.org/stable/c/207557e393a135c1b6fe1df7cc0741d2c1789fff"}, {"url": "https://git.kernel.org/stable/c/be76ad74a43f90f340f9f479e6b04f02125f6aef"}, {"url": "https://git.kernel.org/stable/c/7219a692ffc00089015ada33b85b334d1a4b6e8e"}, {"url": "https://git.kernel.org/stable/c/b37259448bbc70af1d0e52a9dd5559a9c29c9621"}, {"url": "https://git.kernel.org/stable/c/dc9ceb90c4b42c6e5c6757df1d6257110433788e"}], "title": "media: ir_toy: fix a memleak in irtoy_tx", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:14:13.642Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/486a4176bc783df798bce2903824801af8d2c3ae", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/207557e393a135c1b6fe1df7cc0741d2c1789fff", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/be76ad74a43f90f340f9f479e6b04f02125f6aef", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/7219a692ffc00089015ada33b85b334d1a4b6e8e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b37259448bbc70af1d0e52a9dd5559a9c29c9621", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/dc9ceb90c4b42c6e5c6757df1d6257110433788e", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-26829", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:48:54.512101Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:33:29.268Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/486a4176bc783df798bce2903824801af8d2c3ae", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/207557e393a135c1b6fe1df7cc0741d2c1789fff", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/be76ad74a43f90f340f9f479e6b04f02125f6aef", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/7219a692ffc00089015ada33b85b334d1a4b6e8e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b37259448bbc70af1d0e52a9dd5559a9c29c9621", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/dc9ceb90c4b42c6e5c6757df1d6257110433788e", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:14:13.642Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-26829", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:48:54.512101Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:16.937Z"}}], "cna": {"title": "media: ir_toy: fix a memleak in irtoy_tx", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4114978dcd24", "lessThan": "486a4176bc78", "versionType": "git"}, {"status": "affected", "version": "a4ac45aff8d3", "lessThan": "207557e393a1", "versionType": "git"}, {"status": "affected", "version": "4114978dcd24", "lessThan": "be76ad74a43f", "versionType": "git"}, {"status": "affected", "version": "4114978dcd24", "lessThan": "7219a692ffc0", "versionType": "git"}, {"status": "affected", "version": "4114978dcd24", "lessThan": "b37259448bbc", "versionType": "git"}, {"status": "affected", "version": "4114978dcd24", "lessThan": "dc9ceb90c4b4", "versionType": "git"}], "programFiles": ["drivers/media/rc/ir_toy.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.16"}, {"status": "unaffected", "version": "0", "lessThan": "5.16", "versionType": "custom"}, {"status": "unaffected", "version": "5.10.210", "versionType": "custom", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.149", "versionType": "custom", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.79", "versionType": "custom", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.18", "versionType": "custom", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.6", "versionType": "custom", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/media/rc/ir_toy.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/486a4176bc783df798bce2903824801af8d2c3ae"}, {"url": "https://git.kernel.org/stable/c/207557e393a135c1b6fe1df7cc0741d2c1789fff"}, {"url": "https://git.kernel.org/stable/c/be76ad74a43f90f340f9f479e6b04f02125f6aef"}, {"url": "https://git.kernel.org/stable/c/7219a692ffc00089015ada33b85b334d1a4b6e8e"}, {"url": "https://git.kernel.org/stable/c/b37259448bbc70af1d0e52a9dd5559a9c29c9621"}, {"url": "https://git.kernel.org/stable/c/dc9ceb90c4b42c6e5c6757df1d6257110433788e"}], "x_generator": {"engine": "bippy-a5840b7849dd"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: ir_toy: fix a memleak in irtoy_tx\n\nWhen irtoy_command fails, buf should be freed since it is allocated by\nirtoy_tx, or there is a memleak."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:23:27.197Z"}}}, "cveMetadata": {"cveId": "CVE-2024-26829", "state": "PUBLISHED", "dateUpdated": "2024-09-11T17:33:29.268Z", "dateReserved": "2024-02-19T14:20:24.181Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-04-17T10:03:13.088Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}