CVE-2024-53202

Source: https://nvd.nist.gov/vuln/detail/CVE-2024-53202
Import Source: https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-53202.json
JSON Data: https://api.test.osv.dev/v1/vulns/CVE-2024-53202
Published: 2024-12-27T13:49:48Z
Modified: 2025-10-17T17:55:28.936077Z
Severity: 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
firmware_loader: Fix possible resource leak in fw_log_firmware_info()
Details

In the Linux kernel, the following vulnerability has been resolved:

firmware_loader: Fix possible resource leak in fw_log_firmware_info()

The alg instance should be released under the exception path, otherwise there may be a resource leak here.

To mitigate this, free the alg instance with crypto_free_shash when kmalloc fails.

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events:
  Introduced: 02fe26f25325b547b7a31a65deb0326c04bb5174
  Fixed: 789a72498d32f88d24371c10985aceb46397056c

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events:
  Introduced: 02fe26f25325b547b7a31a65deb0326c04bb5174
  Fixed: eb5d67d00ad17a5bd0920f455160dc2ccbd2dc78

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events:
  Introduced: 02fe26f25325b547b7a31a65deb0326c04bb5174
  Fixed: f380f895dbb2a11d62ca6df9e82d995f4bc26b84

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events:
  Introduced: 02fe26f25325b547b7a31a65deb0326c04bb5174
  Fixed: 369a9c046c2fdfe037f05b43b84c386bdbccc103

Affected versions

v6.*

v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.11.1
v6.11.10
v6.11.2
v6.11.3
v6.11.4
v6.11.5
v6.11.6
v6.11.7
v6.11.8
v6.11.9
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.3
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.31
v6.6.32
v6.6.33
v6.6.34
v6.6.35
v6.6.36
v6.6.37
v6.6.38
v6.6.39
v6.6.4
v6.6.40
v6.6.41
v6.6.42
v6.6.43
v6.6.44
v6.6.45
v6.6.46
v6.6.47
v6.6.48
v6.6.49
v6.6.5
v6.6.50
v6.6.51
v6.6.52
v6.6.53
v6.6.54
v6.6.55
v6.6.56
v6.6.57
v6.6.58
v6.6.59
v6.6.6
v6.6.60
v6.6.61
v6.6.62
v6.6.63
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events:
  Introduced: 6.4.0
  Fixed: 6.6.64

Type: ECOSYSTEM
Events:
  Introduced: 6.7.0
  Fixed: 6.11.11

Type: ECOSYSTEM
Events:
  Introduced: 6.12.0
  Fixed: 6.12.2