CVE-2024-39484

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-39484

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-39484.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-39484

Downstream

BELL-CVE-2024-39484

DEBIAN-CVE-2024-39484

DLA-4008-1

DSA-5730-1

DSA-5731-1

OESA-2024-1941

OESA-2024-1942

OESA-2024-1943

OESA-2024-1944

SUSE-SU-2024:3194-1

SUSE-SU-2024:3195-1

SUSE-SU-2024:3383-1

UBUNTU-CVE-2024-39484

USN-6972-1

USN-6972-2

USN-6972-3

USN-6972-4

USN-6973-1

USN-6973-2

USN-6973-3

USN-6973-4

USN-6974-1

USN-6974-2

USN-6975-1

USN-6976-1

USN-7006-1

USN-7008-1

USN-7019-1

USN-7029-1

Related

Published

2024-07-05T07:15:10Z

Modified

2025-08-09T20:01:28Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

mmc: davinci: Don't strip remove function when driver is builtin

Using _exit for the remove function results in the remove callback being discarded with CONFIGMMC_DAVINCI=y. When such a device gets unbound (e.g. using sysfs or hotplug), the driver is just removed without the cleanup being performed. This results in resource leaks. Fix it by compiling in the remove callback unconditionally.

This also fixes a W=1 modpost warning:

WARNING: modpost: drivers/mmc/host/davincimmc: section mismatch in reference: davincimmcsddriver+0x10 (section: .data) -> davincimmcsd_remove (section: .exit.text)

References

Affected packages