[SRU][O][PATCH 0/1] CVE-2024-56766
Massimiliano Pellizzer
massimiliano.pellizzer at canonical.com
Tue Feb 4 11:00:48 UTC 2025
[Impact]
mtd: rawnand: fix double free in atmel_pmecc_create_user()
The "user" pointer was converted from being allocated with kzalloc() to
being allocated by devm_kzalloc(). Calling kfree(user) will lead to a
double free.
[Fix]
Oracular: Cherry picked from mainline
Noble: Not affected
Jammy: Fixed via upstream stable updates (LP: #2095327)
Focal: Fixed via upstream stable updates (LP: #2095437)
[Test Case]
Compile tested only.
[Where problems could occur]
A regression here is unlikely due to the very limited scope of the
patch
Dan Carpenter (1):
mtd: rawnand: fix double free in atmel_pmecc_create_user()
drivers/mtd/nand/raw/atmel/pmecc.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
--
2.43.0
More information about the kernel-team
mailing list