CVE-2024-56745

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-56745
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-56745.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-56745
Downstream
Related
Published
2024-12-29T11:30:12.434Z
Modified
2026-03-11T07:53:28.071055Z
Severity
  • 3.3 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
Summary
PCI: Fix reset_method_store() memory leak
Details

In the Linux kernel, the following vulnerability has been resolved:

PCI: Fix resetmethodstore() memory leak

In resetmethodstore(), a string is allocated via kstrndup() and assigned to the local "options". options is then used in with strsep() to find spaces:

while ((name = strsep(&options, " ")) != NULL) {

If there are no remaining spaces, then options is set to NULL by strsep(), so the subsequent kfree(options) doesn't free the memory allocated via kstrndup().

Fix by using a separate tmp_options to iterate with strsep() so options is preserved.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/56xxx/CVE-2024-56745.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
d88f521da3efd698e36d0d504a2abba6ac4f5ef8
Fixed
403efb4457c0c8f8f51e904cc57d39193780c6bd
Fixed
931d07ccffcc3614f20aaf602b31e89754e21c59
Fixed
8e098baf6bc3f3a6aefc383509aba07e202f7ee0
Fixed
543d0eb40e45c6a51f1bff02f417b602e54472d5
Fixed
fe6fae61f3b993160aef5fe2b7141a83872c144f
Fixed
2985b1844f3f3447f2d938eff1ef6762592065a5

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-56745.json"