CVE-2024-53213
- Source
- https://cve.org/CVERecord?id=CVE-2024-53213
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-53213.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-53213
- Downstream
- Related
- Published
- 2024-12-27T13:49:58.709Z
- Modified
- 2026-03-11T07:47:14.715632647Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- net: usb: lan78xx: Fix double free issue with interrupt buffer allocation
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
net: usb: lan78xx: Fix double free issue with interrupt buffer allocation
In lan78xx_probe(), the buffer
bufwas being freed twice: once implicitly throughusb_free_urb(dev->urb_intr)with theURB_FREE_BUFFERflag and again explicitly bykfree(buf). This caused a double free issue.To resolve this, reordered
kmalloc()andusb_alloc_urb()calls to simplify the initialization sequence and removed the redundantkfree(buf). Now,bufis allocated afterusb_alloc_urb(), ensuring it is correctly managed byusb_fill_int_urb()and freed byusb_free_urb()as intended. - Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/53xxx/CVE-2024-53213.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/03819abbeb11117dcbba40bfe322b88c0c88a6b6
- https://git.kernel.org/stable/c/7ac9f3c981eeceee2ec4d30d850f4a6f50a1ec40
- https://git.kernel.org/stable/c/977128343fc2a30737399b58df8ea77e94f164bd
- https://git.kernel.org/stable/c/a422ebec863d99d5607fb41bb7af3347fcb436d3
- https://git.kernel.org/stable/c/b09512aea6223eec756f52aa584fc29eeab57480
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/53xxx/CVE-2024-53213.json
- https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
- https://nvd.nist.gov/vuln/detail/CVE-2024-53213
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduceda6df95cae40bee555e01a37b4023ce8e97ffa249Fixed977128343fc2a30737399b58df8ea77e94f164bdFixeda422ebec863d99d5607fb41bb7af3347fcb436d3Fixedb09512aea6223eec756f52aa584fc29eeab57480Fixed7ac9f3c981eeceee2ec4d30d850f4a6f50a1ec40Fixed03819abbeb11117dcbba40bfe322b88c0c88a6b6
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected3281ebb3dc5ef19507e65523e9f8c00e20b285caLast affecteddcafa5a8452738eb28085f559b0683d55e22b2f5