CVE-2024-36940

pinctrl: core: delete incorrect free in pinctrl_enable()

Severity Score

2.3

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: pinctrl: core: delete incorrect free in pinctrl_enable() The "pctldev" struct is allocated in devm_pinctrl_register_and_init().
It's a devm_ managed pointer that is freed by devm_pinctrl_dev_release(),
so freeing it in pinctrl_enable() will lead to a double free. The devm_pinctrl_dev_release() function frees the pindescs and destroys
the mutex as well.

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: pinctrl: core: eliminar incorrecto gratis en pinctrl_enable() La estructura "pctldev" está asignada en devm_pinctrl_register_and_init(). Es un puntero administrado por devm_ que se libera mediante devm_pinctrl_dev_release(), por lo que liberarlo en pinctrl_enable() generará una doble liberación. La función devm_pinctrl_dev_release() libera los pindescs y también destruye el mutex.

In the Linux kernel, the following vulnerability has been resolved: pinctrl: core: delete incorrect free in pinctrl_enable() The "pctldev" struct is allocated in devm_pinctrl_register_and_init(). It's a devm_ managed pointer that is freed by devm_pinctrl_dev_release(), so freeing it in pinctrl_enable() will lead to a double free. The devm_pinctrl_dev_release() function frees the pindescs and destroys the mutex as well.

Benedict SchlÃ¼ter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

Low

Attack Vector

Local

Attack Complexity

Low

Authentication

Single

Confidentiality

None

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-05-30 CVE Reserved
2024-05-30 CVE Published
2024-12-19 CVE Updated
2025-03-26 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-415: Double Free

CAPEC

References (13)

URL	Tag	Source
https://git.kernel.org/stable/c/6118714275f0a313ecc296a87ed1af32d9691bed	Vuln. Introduced
https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/735f4c6b6771eafe336404c157ca683ad72a040d	2024-05-17
https://git.kernel.org/stable/c/cdaa171473d98962ae86f2a663d398fda2fbeefd	2024-05-17
https://git.kernel.org/stable/c/288bc4aa75f150d6f1ee82dd43c6da1b438b6068	2024-05-17
https://git.kernel.org/stable/c/41f88ef8ba387a12f4a2b8c400b6c9e8e54b2cca	2024-05-17
https://git.kernel.org/stable/c/ac7d65795827dc0cf7662384ed27caf4066bd72e	2024-05-17
https://git.kernel.org/stable/c/558c8039fdf596a584a92c171cbf3298919c448c	2024-05-17
https://git.kernel.org/stable/c/f9f1e321d53e4c5b666b66e5b43da29841fb55ba	2024-05-17
https://git.kernel.org/stable/c/5038a66dad0199de60e5671603ea6623eb9e5c79	2024-03-28

URL	Date	SRC
https://access.redhat.com/security/cve/CVE-2024-36940	2024-11-12
https://bugzilla.redhat.com/show_bug.cgi?id=2284477	2024-11-12

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 4.19.314 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 4.19.314"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 5.4.276 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 5.4.276"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 5.10.217 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 5.10.217"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 5.15.159 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 5.15.159"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 6.1.91 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 6.1.91"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 6.6.31 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 6.6.31"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 6.8.10 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 6.8.10"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 6.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 6.9"		en		Affected