In the Linux kernel, the following vulnerability has been resolved:
PCI: Fix resetmethodstore() memory leak
In resetmethodstore(), a string is allocated via kstrndup() and assigned to the local "options". options is then used in with strsep() to find spaces:
while ((name = strsep(&options, " ")) != NULL) {
If there are no remaining spaces, then options is set to NULL by strsep(), so the subsequent kfree(options) doesn't free the memory allocated via kstrndup().
Fix by using a separate tmp_options to iterate with strsep() so options is preserved.
[ { "signature_version": "v1", "id": "CVE-2024-56745-05823ec6", "target": { "file": "drivers/pci/pci.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fe6fae61f3b993160aef5fe2b7141a83872c144f", "digest": { "line_hashes": [ "307180414386023291566696222690156771449", "113034423575738614968635797526295753795", "113289453784428976139081439677425688170", "195149282268491928166021864176317194974", "57362953010502356155792451947375316721", "113740954037290434742828268345159238984", "335377053477813407950540319344264347595", "153755615957045051706666891527821389130" ], "threshold": 0.9 }, "signature_type": "Line", "deprecated": false }, { "signature_version": "v1", "id": "CVE-2024-56745-36151093", "target": { "file": "drivers/pci/pci.c", "function": "reset_method_store" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8e098baf6bc3f3a6aefc383509aba07e202f7ee0", "digest": { "function_hash": "19668950305174145902349519872199387773", "length": 1352.0 }, "signature_type": "Function", "deprecated": false }, { "signature_version": "v1", "id": "CVE-2024-56745-3aec254e", "target": { "file": "drivers/pci/pci.c", "function": "reset_method_store" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fe6fae61f3b993160aef5fe2b7141a83872c144f", "digest": { "function_hash": "19668950305174145902349519872199387773", "length": 1352.0 }, "signature_type": "Function", "deprecated": false }, { "signature_version": "v1", "id": "CVE-2024-56745-4131e099", "target": { "file": "drivers/pci/pci.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8e098baf6bc3f3a6aefc383509aba07e202f7ee0", "digest": { "line_hashes": [ "307180414386023291566696222690156771449", "113034423575738614968635797526295753795", "113289453784428976139081439677425688170", "195149282268491928166021864176317194974", "57362953010502356155792451947375316721", "113740954037290434742828268345159238984", "335377053477813407950540319344264347595", "153755615957045051706666891527821389130" ], "threshold": 0.9 }, "signature_type": "Line", "deprecated": false }, { "signature_version": "v1", "id": "CVE-2024-56745-6e6abb95", "target": { "file": "drivers/pci/pci.c", "function": "reset_method_store" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@931d07ccffcc3614f20aaf602b31e89754e21c59", "digest": { "function_hash": "19668950305174145902349519872199387773", "length": 1352.0 }, "signature_type": "Function", "deprecated": false }, { "signature_version": "v1", "id": "CVE-2024-56745-7fe28c01", "target": { "file": "drivers/pci/pci.c", "function": "reset_method_store" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@543d0eb40e45c6a51f1bff02f417b602e54472d5", "digest": { "function_hash": "19668950305174145902349519872199387773", "length": 1352.0 }, "signature_type": "Function", "deprecated": false }, { "signature_version": "v1", "id": "CVE-2024-56745-8861c165", "target": { "file": "drivers/pci/pci.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@403efb4457c0c8f8f51e904cc57d39193780c6bd", "digest": { "line_hashes": [ "307180414386023291566696222690156771449", "113034423575738614968635797526295753795", "113289453784428976139081439677425688170", "195149282268491928166021864176317194974", "57362953010502356155792451947375316721", "113740954037290434742828268345159238984", "335377053477813407950540319344264347595", "153755615957045051706666891527821389130" ], "threshold": 0.9 }, "signature_type": "Line", "deprecated": false }, { "signature_version": "v1", "id": "CVE-2024-56745-a5d9a45b", "target": { "file": "drivers/pci/pci.c", "function": "reset_method_store" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2985b1844f3f3447f2d938eff1ef6762592065a5", "digest": { "function_hash": "19668950305174145902349519872199387773", "length": 1352.0 }, "signature_type": "Function", "deprecated": false }, { "signature_version": "v1", "id": "CVE-2024-56745-c1ef6ee6", "target": { "file": "drivers/pci/pci.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@931d07ccffcc3614f20aaf602b31e89754e21c59", "digest": { "line_hashes": [ "307180414386023291566696222690156771449", "113034423575738614968635797526295753795", "113289453784428976139081439677425688170", "195149282268491928166021864176317194974", "57362953010502356155792451947375316721", "113740954037290434742828268345159238984", "335377053477813407950540319344264347595", "153755615957045051706666891527821389130" ], "threshold": 0.9 }, "signature_type": "Line", "deprecated": false }, { "signature_version": "v1", "id": "CVE-2024-56745-db113dd1", "target": { "file": "drivers/pci/pci.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2985b1844f3f3447f2d938eff1ef6762592065a5", "digest": { "line_hashes": [ "307180414386023291566696222690156771449", "113034423575738614968635797526295753795", "113289453784428976139081439677425688170", "195149282268491928166021864176317194974", "57362953010502356155792451947375316721", "113740954037290434742828268345159238984", "335377053477813407950540319344264347595", "153755615957045051706666891527821389130" ], "threshold": 0.9 }, "signature_type": "Line", "deprecated": false }, { "signature_version": "v1", "id": "CVE-2024-56745-f2a12233", "target": { "file": "drivers/pci/pci.c", "function": "reset_method_store" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@403efb4457c0c8f8f51e904cc57d39193780c6bd", "digest": { "function_hash": "19668950305174145902349519872199387773", "length": 1352.0 }, "signature_type": "Function", "deprecated": false }, { "signature_version": "v1", "id": "CVE-2024-56745-faeec815", "target": { "file": "drivers/pci/pci.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@543d0eb40e45c6a51f1bff02f417b602e54472d5", "digest": { "line_hashes": [ "307180414386023291566696222690156771449", "113034423575738614968635797526295753795", "113289453784428976139081439677425688170", "195149282268491928166021864176317194974", "57362953010502356155792451947375316721", "113740954037290434742828268345159238984", "335377053477813407950540319344264347595", "153755615957045051706666891527821389130" ], "threshold": 0.9 }, "signature_type": "Line", "deprecated": false } ]