CVE-2024-50231
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-50231
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50231.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-50231
- Downstream
- Related
- Published
- 2024-11-09T10:14:41Z
- Modified
- 2025-10-15T02:25:30.079995Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- iio: gts-helper: Fix memory leaks in iio_gts_build_avail_scale_table()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
iio: gts-helper: Fix memory leaks in iiogtsbuildavailscale_table()
modprobe iio-test-gts and rmmod it, then the following memory leak occurs:
unreferenced object 0xffffff80c810be00 (size 64): comm "kunit_try_catch", pid 1654, jiffies 4294913981 hex dump (first 32 bytes): 02 00 00 00 08 00 00 00 20 00 00 00 40 00 00 00 ........ ...@... 80 00 00 00 00 02 00 00 00 04 00 00 00 08 00 00 ................ backtrace (crc a63d875e): [<0000000028c1b3c2>] kmemleak_alloc+0x34/0x40 [<000000001d6ecc87>] __kmalloc_noprof+0x2bc/0x3c0 [<00000000393795c1>] devm_iio_init_iio_gts+0x4b4/0x16f4 [<0000000071bb4b09>] 0xffffffdf052a62e0 [<000000000315bc18>] 0xffffffdf052a6488 [<00000000f9dc55b5>] kunit_try_run_case+0x13c/0x3ac [<00000000175a3fd4>] kunit_generic_run_threadfn_adapter+0x80/0xec [<00000000f505065d>] kthread+0x2e8/0x374 [<00000000bbfb0e5d>] ret_from_fork+0x10/0x20 unreferenced object 0xffffff80cbfe9e70 (size 16): comm "kunit_try_catch", pid 1658, jiffies 4294914015 hex dump (first 16 bytes): 10 00 00 00 40 00 00 00 80 00 00 00 00 00 00 00 ....@........... backtrace (crc 857f0cb4): [<0000000028c1b3c2>] kmemleak_alloc+0x34/0x40 [<000000001d6ecc87>] __kmalloc_noprof+0x2bc/0x3c0 [<00000000393795c1>] devm_iio_init_iio_gts+0x4b4/0x16f4 [<0000000071bb4b09>] 0xffffffdf052a62e0 [<000000007d089d45>] 0xffffffdf052a6864 [<00000000f9dc55b5>] kunit_try_run_case+0x13c/0x3ac [<00000000175a3fd4>] kunit_generic_run_threadfn_adapter+0x80/0xec [<00000000f505065d>] kthread+0x2e8/0x374 [<00000000bbfb0e5d>] ret_from_fork+0x10/0x20 ......It includes 55 times "size 64" memory leaks, which correspond to 5 times test_init_iio_gain_scale() calls with gts_test_gains size 10 (10size(int)) and gtstestitimes size 5. It also includes 51 times "size 16" memory leak, which correspond to one time __test_init_iio_gain_scale() call with gts_test_gains_gain_low size 3 (3size(int)) and gtstestitimes size 5.
The reason is that the pertimegains[i] is not freed which is allocated in the "gts->numitime" for loop in iiogtsbuildavailscaletable().
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced38416c28e16890b52fdd5eb73479299ec3f062f3Fixed38d6e8be234d87b0eedca50309e25051888b39d1
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced38416c28e16890b52fdd5eb73479299ec3f062f3Fixed16e41593825c3044efca0eb34b2d6ffba306e4ec
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced38416c28e16890b52fdd5eb73479299ec3f062f3Fixed691e79ffc42154a9c91dc3b7e96a307037b4be74
Affected versions
v6.*
v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.11.1
v6.11.2
v6.11.3
v6.11.4
v6.11.5
v6.11.6
v6.12-rc1
v6.12-rc2
v6.3
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.31
v6.6.32
v6.6.33
v6.6.34
v6.6.35
v6.6.36
v6.6.37
v6.6.38
v6.6.39
v6.6.4
v6.6.40
v6.6.41
v6.6.42
v6.6.43
v6.6.44
v6.6.45
v6.6.46
v6.6.47
v6.6.48
v6.6.49
v6.6.5
v6.6.50
v6.6.51
v6.6.52
v6.6.53
v6.6.54
v6.6.55
v6.6.56
v6.6.57
v6.6.58
v6.6.59
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7
Database specific
{
"vanir_signatures": [
{
"id": "CVE-2024-50231-1b44d815",
"signature_type": "Function",
"digest": {
"function_hash": "269932584383089937981024355089664840259",
"length": 1097.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@691e79ffc42154a9c91dc3b7e96a307037b4be74",
"target": {
"file": "drivers/iio/industrialio-gts-helper.c",
"function": "iio_gts_build_avail_scale_table"
},
"deprecated": false,
"signature_version": "v1"
},
{
"id": "CVE-2024-50231-35558ef8",
"signature_type": "Function",
"digest": {
"function_hash": "257980106884012577217910016047935217187",
"length": 1102.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@16e41593825c3044efca0eb34b2d6ffba306e4ec",
"target": {
"file": "drivers/iio/industrialio-gts-helper.c",
"function": "iio_gts_build_avail_scale_table"
},
"deprecated": false,
"signature_version": "v1"
},
{
"id": "CVE-2024-50231-5f757257",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"132292487025350170494029120148401132327",
"187484480292217424753505214779091388282",
"145463890830548058312919597665193688641"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@38d6e8be234d87b0eedca50309e25051888b39d1",
"target": {
"file": "drivers/iio/industrialio-gts-helper.c"
},
"deprecated": false,
"signature_version": "v1"
},
{
"id": "CVE-2024-50231-73e74d00",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"132292487025350170494029120148401132327",
"187484480292217424753505214779091388282",
"145463890830548058312919597665193688641"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@691e79ffc42154a9c91dc3b7e96a307037b4be74",
"target": {
"file": "drivers/iio/industrialio-gts-helper.c"
},
"deprecated": false,
"signature_version": "v1"
},
{
"id": "CVE-2024-50231-a2c2f02b",
"signature_type": "Function",
"digest": {
"function_hash": "257980106884012577217910016047935217187",
"length": 1102.0
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@38d6e8be234d87b0eedca50309e25051888b39d1",
"target": {
"file": "drivers/iio/industrialio-gts-helper.c",
"function": "iio_gts_build_avail_scale_table"
},
"deprecated": false,
"signature_version": "v1"
},
{
"id": "CVE-2024-50231-e78210b3",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"132292487025350170494029120148401132327",
"187484480292217424753505214779091388282",
"145463890830548058312919597665193688641"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@16e41593825c3044efca0eb34b2d6ffba306e4ec",
"target": {
"file": "drivers/iio/industrialio-gts-helper.c"
},
"deprecated": false,
"signature_version": "v1"
}
]
}