CVE-2024-36890

Source
https://cve.org/CVERecord?id=CVE-2024-36890
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-36890.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-36890
Downstream
Related
Published
2024-05-30T15:28:57.373Z
Modified
2026-05-14T03:23:32.997630323Z
Summary
mm/slab: make __free(kfree) accept error pointers
Details

In the Linux kernel, the following vulnerability has been resolved:

mm/slab: make __free(kfree) accept error pointers

Currently, if an automatically freed allocation is an error pointer that will lead to a crash. An example of this is in wm831x_gpio_dbg_show().

    char *label __free(kfree) = gpiochip_dup_line_label(chip, i);
    if (IS_ERR(label)) {
            dev_err(wm831x->dev, "Failed to duplicate label\n");
            continue;
    }

The auto clean up function should check for error pointers as well, otherwise we're going to keep hitting issues like this.
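
The failure mode and the guard described above, modelled in userspace C as an added example (not kernel code and not part of this record). `dup_label`, `model_kfree`, the two handlers and the simplified error-pointer macros are hypothetical stand-ins, and the GCC/Clang `cleanup` attribute is assumed.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Simplified userspace stand-ins for the kernel's error-pointer helpers. */
#define MAX_ERRNO 4095
#define ERR_PTR(e) ((void *)(intptr_t)(e))
#define IS_ERR(p) ((uintptr_t)(p) >= (uintptr_t)(-MAX_ERRNO))
#define IS_ERR_OR_NULL(p) (!(p) || IS_ERR(p))

static int bad_frees, good_frees; /* error pointers vs real allocations freed */

/* Stand-in for kfree(): counts an error pointer instead of crashing on it. */
static void model_kfree(void *p)
{
    if (IS_ERR(p)) { bad_frees++; return; }
    good_frees++;
    free(p);
}

/* Cleanup handlers receive the address of the annotated variable. */
static void free_unchecked(void *v) { void *p = *(void **)v; if (p) model_kfree(p); }
static void free_checked(void *v) { void *p = *(void **)v; if (!IS_ERR_OR_NULL(p)) model_kfree(p); }

/* Hypothetical allocator: returns an error pointer when fail is non-zero. */
static char *dup_label(int fail) { return fail ? ERR_PTR(-ENOMEM) : calloc(1, 16); }

/* Mirrors the quoted loop: "continue" leaves scope, the handler still runs. */
#define DEFINE_SCAN(name, handler)                                          \
static int name(void)                                                       \
{                                                                           \
    bad_frees = good_frees = 0;                                             \
    for (int i = 0; i < 4; i++) {                                           \
        char *label __attribute__((cleanup(handler))) = dup_label(i % 2);   \
        if (IS_ERR(label))                                                  \
            continue;                                                       \
    }                                                                       \
    return bad_frees;                                                       \
}
DEFINE_SCAN(scan_unchecked, free_unchecked)
DEFINE_SCAN(scan_checked, free_checked)

int main(void)
{
    printf("unchecked handler: %d error pointers freed\n", scan_unchecked());
    printf("checked handler:   %d error pointers freed\n", scan_checked());
    return 0;
}
```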

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/36xxx/CVE-2024-36890.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
af53aaf20722d745a69a051114a1ae237f5b922e
Fixed
edca32f87329d6e341d2143a3b58ec254e8f6b88
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
f550466949e822afcd0b546a4fc35795930660bc
Fixed
946771c2a2b1150f9b7286feadc3aa1e15a1eb16
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
3c6cc62ce1265aa5623e2e1b29c0fe258bf6e232
Fixed
9f6eb0ab4f95240589ee85fd9886a944cd3645b2
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
54da6a0924311c7cf5015533991e44fb8eb12773
Fixed
ac6cf3ce9b7d12acb7b528248df5f87caa25fcdc
Fixed
79cbe0be6c0317b215ddd8bd3e32f0afdac48543
Fixed
cd7eb8f83fcf258f71e293f7fc52a70be8ed0128

Affected versions

v6.*
v6.1.79
v6.1.80
v6.1.81
v6.1.82
v6.1.83
v6.1.84
v6.1.85
v6.1.86
v6.1.87
v6.1.88
v6.1.89
v6.1.90

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-36890.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
6.1.91
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.31
Type
ECOSYSTEM
Events
Introduced
6.5.0
Fixed
6.8.10

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-36890.json"