CVE-2024-26655

Fix memory leak in posix_clock_open()

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

Fix memory leak in posix_clock_open()

If the clk ops.open() function returns an error, we don't release the
pccontext we allocated for this clock.

Re-organize the code slightly to make it all more obvious.

En el kernel de Linux, se resolvió la siguiente vulnerabilidad: Reparar la pérdida de memoria en posix_clock_open() Si la función clk ops.open() devuelve un error, no liberamos el contexto de pc que asignamos para este reloj. Reorganice ligeramente el código para que sea más obvio.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-02-19 CVE Reserved
2024-04-01 CVE Published
2024-04-04 EPSS Updated
2024-09-11 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (4)

URL	Tag	Source
https://git.kernel.org/stable/c/60c6946675fc06dd2fd2b7a4b6fd1c1f046f1056	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/a88649b49523e8cbe95254440d803e38c19d2341	2024-04-03
https://git.kernel.org/stable/c/0200dd7ed2335469955d7e69cc1a6fa7df1f3847	2024-04-03
https://git.kernel.org/stable/c/5b4cdd9c5676559b8a7c944ac5269b914b8c0bb8	2024-03-27

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.7 < 6.7.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.7 < 6.7.12"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.7 < 6.8.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.7 < 6.8.3"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.7 < 6.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.7 < 6.9"		en		Affected