AZL-51408

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-51408.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-51408

Upstream

CVE-2024-50012

Published

2024-10-21T19:15:04Z

Modified

2026-04-01T05:16:25.073765Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

CVE-2024-50012 affecting package kernel 5.15.200.1-1

Details

In the Linux kernel, the following vulnerability has been resolved:

cpufreq: Avoid a bad reference count on CPU node

In the parseperfdomain function, if the call to ofparsephandlewithargs returns an error, then the reference to the CPU device node that was acquired at the start of the function would not be properly decremented.

Address this by declaring the variable with the _free(devicenode) cleanup attribute.

References

https://nvd.nist.gov/vuln/detail/CVE-2024-50012

Affected packages

Azure Linux:2 / kernel

Package

Name: kernel
Purl: pkg:rpm/azure-linux/kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

5.15.200.1-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-51408.json"