CVE-2024-50071
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-50071
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50071.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-50071
- Downstream
- Related
- Published
- 2024-10-29T00:50:12Z
- Modified
- 2025-10-15T01:13:43.091358Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- pinctrl: nuvoton: fix a double free in ma35_pinctrl_dt_node_to_map_func()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
pinctrl: nuvoton: fix a double free in ma35pinctrldtnodetomapfunc()
'newmap' is allocated using devm* which takes care of freeing the allocated data on device removal, call to
.dt_free_map = pinconf_generic_dt_free_mapdouble frees the map as pinconfgenericdtfreemap() calls pinctrlutilsfree_map().
Fix this by using kcalloc() instead of auto-managed devm_kcalloc().
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedf805e356313bbcafef48808c14eb9ce7f4ff2560Fixed6441d9c3d71b59c8fd27d4e381c7471a32ac1a68
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedf805e356313bbcafef48808c14eb9ce7f4ff2560Fixed3fd976afe9743110f20a23f93b7ff9693f2be4bf
Affected versions
v6.*
v6.10
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.11.1
v6.11.2
v6.11.3
v6.11.4
v6.12-rc1
Database specific
{
"vanir_signatures": [
{
"target": {
"file": "drivers/pinctrl/nuvoton/pinctrl-ma35.c"
},
"id": "CVE-2024-50071-45a986df",
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"207718085162730577966884396055250782682",
"165264640361910837797236764219685278284",
"36892431933506273108148508626040450132",
"129692216804973242421263379018119947851"
]
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3fd976afe9743110f20a23f93b7ff9693f2be4bf",
"signature_type": "Line"
},
{
"target": {
"file": "drivers/pinctrl/nuvoton/pinctrl-ma35.c",
"function": "ma35_pinctrl_dt_node_to_map_func"
},
"id": "CVE-2024-50071-926f5b05",
"signature_version": "v1",
"digest": {
"length": 1256.0,
"function_hash": "329402339981280169776745056207960849339"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3fd976afe9743110f20a23f93b7ff9693f2be4bf",
"signature_type": "Function"
},
{
"target": {
"file": "drivers/pinctrl/nuvoton/pinctrl-ma35.c",
"function": "ma35_pinctrl_dt_node_to_map_func"
},
"id": "CVE-2024-50071-a6420261",
"signature_version": "v1",
"digest": {
"length": 1256.0,
"function_hash": "329402339981280169776745056207960849339"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6441d9c3d71b59c8fd27d4e381c7471a32ac1a68",
"signature_type": "Function"
},
{
"target": {
"file": "drivers/pinctrl/nuvoton/pinctrl-ma35.c"
},
"id": "CVE-2024-50071-c5d90078",
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"207718085162730577966884396055250782682",
"165264640361910837797236764219685278284",
"36892431933506273108148508626040450132",
"129692216804973242421263379018119947851"
]
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6441d9c3d71b59c8fd27d4e381c7471a32ac1a68",
"signature_type": "Line"
}
]
}