CVE-2024-46849
- Source
- https://cve.org/CVERecord?id=CVE-2024-46849
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-46849.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-46849
- Downstream
- Related
- Published
- 2024-09-27T12:42:43.316Z
- Modified
- 2026-03-11T07:46:22.991662Z
- Summary
- ASoC: meson: axg-card: fix 'use-after-free'
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
ASoC: meson: axg-card: fix 'use-after-free'
Buffer 'card->dailink' is reallocated in 'mesoncardreallocatelinks()', so move 'pad' pointer initialization after this function when memory is already reallocated.
Kasan bug report:
================================================================== BUG: KASAN: slab-use-after-free in axgcardadd_link+0x76c/0x9bc Read of size 8 at addr ffff000000e8b260 by task modprobe/356
CPU: 0 PID: 356 Comm: modprobe Tainted: G O 6.9.12-sdkernel #1 Call trace: dumpbacktrace+0x94/0xec showstack+0x18/0x24 dumpstacklvl+0x78/0x90 printreport+0xfc/0x5c0 kasanreport+0xb8/0xfc __asanload8+0x9c/0xb8 axgcard_addlink+0x76c/0x9bc [sndsocmesonaxgsoundcard] mesoncardprobe+0x344/0x3b8 [sndsocmesoncardutils] platformprobe+0x8c/0xf4 reallyprobe+0x110/0x39c __driverprobedevice+0xb8/0x18c driverprobedevice+0x108/0x1d8 __driverattach+0xd0/0x25c busforeachdev+0xe0/0x154 driverattach+0x34/0x44 busadddriver+0x134/0x294 driverregister+0xa8/0x1e8 __platformdriverregister+0x44/0x54 axgcardpdrvinit+0x20/0x1000 [sndsocmesonaxgsoundcard] dooneinitcall+0xdc/0x25c doinitmodule+0x10c/0x334 loadmodule+0x24c4/0x26cc initmodulefromfile+0xd4/0x128 __arm64sysfinitmodule+0x1f4/0x41c invokesyscall+0x60/0x188 el0svccommon.constprop.0+0x78/0x13c doel0svc+0x30/0x40 el0svc+0x38/0x78 el0t64synchandler+0x100/0x12c el0t64sync+0x190/0x194
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/46xxx/CVE-2024-46849.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/4f9a71435953f941969a4f017e2357db62d85a86
- https://git.kernel.org/stable/c/5a2cc2bb81399e9ebc72560541137eb04d61dc3d
- https://git.kernel.org/stable/c/7d318166bf55e9029d56997c3b134f4ac2ae2607
- https://git.kernel.org/stable/c/a33145f494e6cb82f3e018662cc7c4febf271f22
- https://git.kernel.org/stable/c/e1a199ec31617242e1a0ea8f312341e682d0c037
- https://git.kernel.org/stable/c/e43364f578cdc2f8083abbc0cb743ea55e827c29
- https://git.kernel.org/stable/c/fb0530025d502cb79d2b2801b14a9d5261833f1a
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/46xxx/CVE-2024-46849.json
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
- https://nvd.nist.gov/vuln/detail/CVE-2024-46849
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced7864a79f37b55769b817d5e6c5ae0ca4bfdba93bFixeda33145f494e6cb82f3e018662cc7c4febf271f22Fixed5a2cc2bb81399e9ebc72560541137eb04d61dc3dFixedfb0530025d502cb79d2b2801b14a9d5261833f1aFixede1a199ec31617242e1a0ea8f312341e682d0c037Fixede43364f578cdc2f8083abbc0cb743ea55e827c29Fixed7d318166bf55e9029d56997c3b134f4ac2ae2607Fixed4f9a71435953f941969a4f017e2357db62d85a86