{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-35828", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-17T12:19:12.347Z", "datePublished": "2024-05-17T13:41:12.702Z", "dateUpdated": "2024-12-19T08:55:59.718Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T08:55:59.718Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()\n\nIn the for statement of lbs_allocate_cmd_buffer(), if the allocation of\ncmdarray[i].cmdbuf fails, both cmdarray and cmdarray[i].cmdbuf needs to\nbe freed. Otherwise, there will be memleaks in lbs_allocate_cmd_buffer()."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/wireless/marvell/libertas/cmd.c"], "versions": [{"version": "876c9d3aeb989cf1961f2c228d309ba5dcfb1172", "lessThan": "96481624fb5a6319079fb5059e46dbce43a90186", "status": "affected", "versionType": "git"}, {"version": "876c9d3aeb989cf1961f2c228d309ba5dcfb1172", "lessThan": "bea9573c795acec5614d4ac2dcc7b3b684cea5bf", "status": "affected", "versionType": "git"}, {"version": "876c9d3aeb989cf1961f2c228d309ba5dcfb1172", "lessThan": "f0dd27314c7afe34794c2aa19dd6f2d30eb23bc7", "status": "affected", "versionType": "git"}, {"version": "876c9d3aeb989cf1961f2c228d309ba5dcfb1172", "lessThan": "e888c4461e109f7b93c3522afcbbaa5a8fdf29d2", "status": "affected", "versionType": "git"}, {"version": "876c9d3aeb989cf1961f2c228d309ba5dcfb1172", "lessThan": "4d99d267da3415db2124029cb5a6d2d955ca43f9", "status": "affected", "versionType": "git"}, {"version": "876c9d3aeb989cf1961f2c228d309ba5dcfb1172", "lessThan": "da10f6b7918abd5b4bc5c9cb66f0fc6763ac48f3", "status": "affected", "versionType": "git"}, {"version": "876c9d3aeb989cf1961f2c228d309ba5dcfb1172", "lessThan": "d219724d4b0ddb8ec7dfeaed5989f23edabaf591", "status": "affected", "versionType": "git"}, {"version": "876c9d3aeb989cf1961f2c228d309ba5dcfb1172", "lessThan": "8e243ac649c10922a6b4855170eaefe4c5b3faab", "status": "affected", "versionType": "git"}, {"version": "876c9d3aeb989cf1961f2c228d309ba5dcfb1172", "lessThan": "5f0e4aede01cb01fa633171f0533affd25328c3a", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/wireless/marvell/libertas/cmd.c"], "versions": [{"version": "2.6.22", "status": "affected"}, {"version": "0", "lessThan": "2.6.22", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.311", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.273", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.214", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.153", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.83", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.23", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7.11", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8.2", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/96481624fb5a6319079fb5059e46dbce43a90186"}, {"url": "https://git.kernel.org/stable/c/bea9573c795acec5614d4ac2dcc7b3b684cea5bf"}, {"url": "https://git.kernel.org/stable/c/f0dd27314c7afe34794c2aa19dd6f2d30eb23bc7"}, {"url": "https://git.kernel.org/stable/c/e888c4461e109f7b93c3522afcbbaa5a8fdf29d2"}, {"url": "https://git.kernel.org/stable/c/4d99d267da3415db2124029cb5a6d2d955ca43f9"}, {"url": "https://git.kernel.org/stable/c/da10f6b7918abd5b4bc5c9cb66f0fc6763ac48f3"}, {"url": "https://git.kernel.org/stable/c/d219724d4b0ddb8ec7dfeaed5989f23edabaf591"}, {"url": "https://git.kernel.org/stable/c/8e243ac649c10922a6b4855170eaefe4c5b3faab"}, {"url": "https://git.kernel.org/stable/c/5f0e4aede01cb01fa633171f0533affd25328c3a"}], "title": "wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()", "x_generator": {"engine": "bippy-5f407fcff5a0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-35828", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-20T14:12:48.621996Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:33:51.765Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:21:47.588Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/96481624fb5a6319079fb5059e46dbce43a90186", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/bea9573c795acec5614d4ac2dcc7b3b684cea5bf", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f0dd27314c7afe34794c2aa19dd6f2d30eb23bc7", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e888c4461e109f7b93c3522afcbbaa5a8fdf29d2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/4d99d267da3415db2124029cb5a6d2d955ca43f9", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/da10f6b7918abd5b4bc5c9cb66f0fc6763ac48f3", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d219724d4b0ddb8ec7dfeaed5989f23edabaf591", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8e243ac649c10922a6b4855170eaefe4c5b3faab", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5f0e4aede01cb01fa633171f0533affd25328c3a", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/96481624fb5a6319079fb5059e46dbce43a90186", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/bea9573c795acec5614d4ac2dcc7b3b684cea5bf", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f0dd27314c7afe34794c2aa19dd6f2d30eb23bc7", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e888c4461e109f7b93c3522afcbbaa5a8fdf29d2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/4d99d267da3415db2124029cb5a6d2d955ca43f9", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/da10f6b7918abd5b4bc5c9cb66f0fc6763ac48f3", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d219724d4b0ddb8ec7dfeaed5989f23edabaf591", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8e243ac649c10922a6b4855170eaefe4c5b3faab", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5f0e4aede01cb01fa633171f0533affd25328c3a", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:21:47.588Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-35828", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-20T14:12:48.621996Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:24.792Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "876c9d3aeb98", "lessThan": "96481624fb5a", "versionType": "git"}, {"status": "affected", "version": "876c9d3aeb98", "lessThan": "bea9573c795a", "versionType": "git"}, {"status": "affected", "version": "876c9d3aeb98", "lessThan": "f0dd27314c7a", "versionType": "git"}, {"status": "affected", "version": "876c9d3aeb98", "lessThan": "e888c4461e10", "versionType": "git"}, {"status": "affected", "version": "876c9d3aeb98", "lessThan": "4d99d267da34", "versionType": "git"}, {"status": "affected", "version": "876c9d3aeb98", "lessThan": "da10f6b7918a", "versionType": "git"}, {"status": "affected", "version": "876c9d3aeb98", "lessThan": "d219724d4b0d", "versionType": "git"}, {"status": "affected", "version": "876c9d3aeb98", "lessThan": "8e243ac649c1", "versionType": "git"}, {"status": "affected", "version": "876c9d3aeb98", "lessThan": "5f0e4aede01c", "versionType": "git"}], "programFiles": ["drivers/net/wireless/marvell/libertas/cmd.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "2.6.22"}, {"status": "unaffected", "version": "0", "lessThan": "2.6.22", "versionType": "custom"}, {"status": "unaffected", "version": "4.19.311", "versionType": "custom", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.273", "versionType": "custom", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.214", "versionType": "custom", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.153", "versionType": "custom", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.83", "versionType": "custom", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.23", "versionType": "custom", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.11", "versionType": "custom", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8.2", "versionType": "custom", "lessThanOrEqual": "6.8.*"}, {"status": "unaffected", "version": "6.9", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/net/wireless/marvell/libertas/cmd.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/96481624fb5a6319079fb5059e46dbce43a90186"}, {"url": "https://git.kernel.org/stable/c/bea9573c795acec5614d4ac2dcc7b3b684cea5bf"}, {"url": "https://git.kernel.org/stable/c/f0dd27314c7afe34794c2aa19dd6f2d30eb23bc7"}, {"url": "https://git.kernel.org/stable/c/e888c4461e109f7b93c3522afcbbaa5a8fdf29d2"}, {"url": "https://git.kernel.org/stable/c/4d99d267da3415db2124029cb5a6d2d955ca43f9"}, {"url": "https://git.kernel.org/stable/c/da10f6b7918abd5b4bc5c9cb66f0fc6763ac48f3"}, {"url": "https://git.kernel.org/stable/c/d219724d4b0ddb8ec7dfeaed5989f23edabaf591"}, {"url": "https://git.kernel.org/stable/c/8e243ac649c10922a6b4855170eaefe4c5b3faab"}, {"url": "https://git.kernel.org/stable/c/5f0e4aede01cb01fa633171f0533affd25328c3a"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"}], "x_generator": {"engine": "bippy-a5840b7849dd"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()\n\nIn the for statement of lbs_allocate_cmd_buffer(), if the allocation of\ncmdarray[i].cmdbuf fails, both cmdarray and cmdarray[i].cmdbuf needs to\nbe freed. Otherwise, there will be memleaks in lbs_allocate_cmd_buffer()."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:29:42.130Z"}}}, "cveMetadata": {"cveId": "CVE-2024-35828", "state": "PUBLISHED", "dateUpdated": "2024-08-02T03:21:47.588Z", "dateReserved": "2024-05-17T12:19:12.347Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-17T13:41:12.702Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0C11EA91-49A5-48C2-88DC-31A895CF5BA4", "versionEndExcluding": "4.19.311", "versionStartIncluding": "2.6.22", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "620FD8B7-BF03-43E0-951A-0A58461D4C55", "versionEndExcluding": "5.4.273", "versionStartIncluding": "4.20", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "65987874-467B-4D3B-91D6-68A129B34FB8", "versionEndExcluding": "5.10.214", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "ACB69438-845D-4E3C-B114-3140611F9C0B", "versionEndExcluding": "5.15.153", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "121A07F6-F505-4C47-86BF-9BB6CC7B6C19", "versionEndExcluding": "6.1.83", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E00814DC-0BA7-431A-9926-80FEB4A96C68", "versionEndExcluding": "6.6.23", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD", "versionEndExcluding": "6.7.11", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1", "versionEndExcluding": "6.8.2", "versionStartIncluding": "6.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()\n\nIn the for statement of lbs_allocate_cmd_buffer(), if the allocation of\ncmdarray[i].cmdbuf fails, both cmdarray and cmdarray[i].cmdbuf needs to\nbe freed. Otherwise, there will be memleaks in lbs_allocate_cmd_buffer()."}, {"lang": "es", "value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: wifi: libertas: arreglados algunas memleaks en lbs_allocate_cmd_buffer() En la declaraci\u00f3n for de lbs_allocate_cmd_buffer(), si fall\u00f3 la asignaci\u00f3n de cmdarray[i].cmdbuf, tanto cmdarray como cmdarray[i] Es necesario liberar ].cmdbuf. De lo contrario, habr\u00e1 fugas de memoria en lbs_allocate_cmd_buffer()."}], "id": "CVE-2024-35828", "lastModified": "2025-01-14T14:54:31.167", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-05-17T14:15:18.887", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/4d99d267da3415db2124029cb5a6d2d955ca43f9"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5f0e4aede01cb01fa633171f0533affd25328c3a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/8e243ac649c10922a6b4855170eaefe4c5b3faab"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/96481624fb5a6319079fb5059e46dbce43a90186"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/bea9573c795acec5614d4ac2dcc7b3b684cea5bf"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d219724d4b0ddb8ec7dfeaed5989f23edabaf591"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/da10f6b7918abd5b4bc5c9cb66f0fc6763ac48f3"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e888c4461e109f7b93c3522afcbbaa5a8fdf29d2"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f0dd27314c7afe34794c2aa19dd6f2d30eb23bc7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/4d99d267da3415db2124029cb5a6d2d955ca43f9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5f0e4aede01cb01fa633171f0533affd25328c3a"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/8e243ac649c10922a6b4855170eaefe4c5b3faab"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/96481624fb5a6319079fb5059e46dbce43a90186"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/bea9573c795acec5614d4ac2dcc7b3b684cea5bf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d219724d4b0ddb8ec7dfeaed5989f23edabaf591"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/da10f6b7918abd5b4bc5c9cb66f0fc6763ac48f3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e888c4461e109f7b93c3522afcbbaa5a8fdf29d2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f0dd27314c7afe34794c2aa19dd6f2d30eb23bc7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()", "id": "2281180", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281180"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nwifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()\nIn the for statement of lbs_allocate_cmd_buffer(), if the allocation of\ncmdarray[i].cmdbuf fails, both cmdarray and cmdarray[i].cmdbuf needs to\nbe freed. Otherwise, there will be memleaks in lbs_allocate_cmd_buffer().", "A memory leak vulnerability was found in the `libertas` driver in the Linux kernel's WiFi subsystem. This issue arises from improper handling of memory in the `lbs_allocate_cmd_buffer()` function, which can lead to memory leaks."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-35828", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-35828\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-35828\nhttps://lore.kernel.org/linux-cve-announce/2024051741-CVE-2024-35828-0024@gregkh/T"], "statement": "Red Hat Enterprise Linux is not vulnerable to this CVE, as it does not affect the versions or configurations of the Linux kernel used in its distributions.", "threat_severity": "Moderate", "upstream_fix": "kernel 4.19.311, kernel 5.4.273, kernel 5.10.214, kernel 5.15.153, kernel 6.1.83, kernel 6.6.23, kernel 6.7.11, kernel 6.8.2, kernel 6.9"}