CVE-2024-36940

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-36940
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-36940.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-36940
Downstream
Related
Published
2024-05-30T15:29:28.101Z
Modified
2026-03-20T12:36:52.704921Z
Summary
pinctrl: core: delete incorrect free in pinctrl_enable()
Details

In the Linux kernel, the following vulnerability has been resolved:

pinctrl: core: delete incorrect free in pinctrl_enable()

The "pctldev" struct is allocated in devmpinctrlregisterandinit(). It's a devm_ managed pointer that is freed by devmpinctrldevrelease(), so freeing it in pinctrlenable() will lead to a double free.

The devmpinctrldev_release() function frees the pindescs and destroys the mutex as well.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/36xxx/CVE-2024-36940.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
6118714275f0a313ecc296a87ed1af32d9691bed
Fixed
735f4c6b6771eafe336404c157ca683ad72a040d
Fixed
cdaa171473d98962ae86f2a663d398fda2fbeefd
Fixed
288bc4aa75f150d6f1ee82dd43c6da1b438b6068
Fixed
41f88ef8ba387a12f4a2b8c400b6c9e8e54b2cca
Fixed
ac7d65795827dc0cf7662384ed27caf4066bd72e
Fixed
558c8039fdf596a584a92c171cbf3298919c448c
Fixed
f9f1e321d53e4c5b666b66e5b43da29841fb55ba
Fixed
5038a66dad0199de60e5671603ea6623eb9e5c79

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-36940.json"