CVE-2024-27068

thermal/drivers/mediatek/lvts_thermal: Fix a memory leak in an error handling path

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

thermal/drivers/mediatek/lvts_thermal: Fix a memory leak in an error handling path

If devm_krealloc() fails, then 'efuse' is leaking.
So free it to avoid a leak.

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Thermal/drivers/mediatek/lvts_thermal: corrige una pérdida de memoria en una ruta de manejo de errores. Si devm_krealloc() falla, entonces 'efuse' tiene una fuga. Así que libérelo para evitar una fuga.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-02-19 CVE Reserved
2024-05-01 CVE Published
2024-05-02 EPSS Updated
2024-08-02 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (5)

URL	Tag	Source
https://git.kernel.org/stable/c/f5f633b18234cecb0e6ee6e5fbb358807dda15c3	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/2db869da91afd48e5b9ec76814709be49662b07d	2024-03-26
https://git.kernel.org/stable/c/a37f3652bee468f879d35fe2da9ede3f1dcbb7be	2024-03-26
https://git.kernel.org/stable/c/9b02197596671800dd934609384b1aca7c6ad218	2024-03-26
https://git.kernel.org/stable/c/ca93bf607a44c1f009283dac4af7df0d9ae5e357	2024-03-11

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.3 < 6.6.23 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.3 < 6.6.23"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.3 < 6.7.11 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.3 < 6.7.11"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.3 < 6.8.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.3 < 6.8.2"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.3 < 6.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.3 < 6.9"		en		Affected