DEBIAN-CVE-2024-35816

Source
https://security-tracker.debian.org/tracker/CVE-2024-35816
Import Source
https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2024-35816.json
JSON Data
https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2024-35816
Upstream
Published
2024-05-17T14:15:16Z
Modified
2025-09-27T09:00:31Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

firewire: ohci: prevent leak of left-over IRQ on unbind

Commit 5a95f1ded28691e6 ("firewire: ohci: use devres for requested IRQ") also removed the call to free_irq() in pci_remove(), leading to a leftover irq of devm_request_irq() at pci_disable_msi() in pci_remove() when unbinding the driver from the device

remove_proc_entry: removing non-empty directory 'irq/136', leaking at least 'firewire_ohci'
Call Trace:
 ? remove_proc_entry+0x19c/0x1c0
 ? __warn+0x81/0x130
 ? remove_proc_entry+0x19c/0x1c0
 ? report_bug+0x171/0x1a0
 ? console_unlock+0x78/0x120
 ? handle_bug+0x3c/0x80
 ? exc_invalid_op+0x17/0x70
 ? asm_exc_invalid_op+0x1a/0x20
 ? remove_proc_entry+0x19c/0x1c0
 unregister_irq_proc+0xf4/0x120
 free_desc+0x3d/0xe0
 ? kfree+0x29f/0x2f0
 irq_free_descs+0x47/0x70
 msi_domain_free_locked.part.0+0x19d/0x1d0
 msi_domain_free_irqs_all_locked+0x81/0xc0
 pci_free_msi_irqs+0x12/0x40
 pci_disable_msi+0x4c/0x60
 pci_remove+0x9d/0xc0 [firewire_ohci 01b483699bebf9cb07a3d69df0aa2bee71db1b26]
 pci_device_remove+0x37/0xa0
 device_release_driver_internal+0x19f/0x200
 unbind_store+0xa1/0xb0

remove irq with devm_free_irq() before pci_disable_msi()
also remove it in fail_msi: of pci_probe() as this would lead to an identical leak

References

Affected packages

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
6.7.12-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:14 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
6.7.12-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}