In the Linux kernel, the following vulnerability has been resolved:
irqchip/gic-v3-its: Prevent double free on error
The error handling path in its_vpe_irq_domain_alloc() causes a double free
when its_vpe_init() fails after successfully allocating at least one
interrupt. This happens because its_vpe_irq_domain_free() frees the
interrupts along with the area bitmap and the vprop_page and
its_vpe_irq_domain_alloc() subsequently frees the area bitmap and the
vprop_page again.
Fix this by unconditionally invoking its_vpe_irq_domain_free() which
handles all cases correctly and by removing the bitmap/vprop_page freeing
from its_vpe_irq_domain_alloc().
[ tglx: Massaged change log ]
Metrics
Affected Vendors & Products
References
History
Thu, 08 Aug 2024 23:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat
Redhat enterprise Linux |
|
CPEs | cpe:/a:redhat:enterprise_linux:8::nfv cpe:/o:redhat:enterprise_linux:8 |
|
Vendors & Products |
Redhat
Redhat enterprise Linux |
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-05-17T14:47:26.175Z
Updated: 2024-08-02T03:21:48.906Z
Reserved: 2024-05-17T13:50:33.105Z
Link: CVE-2024-35847
Vulnrichment
Updated: 2024-08-02T03:21:48.906Z
NVD
Status : Awaiting Analysis
Published: 2024-05-17T15:15:21.620
Modified: 2024-06-27T12:15:25.567
Link: CVE-2024-35847
Redhat