DEBIAN-CVE-2024-50231

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2024-50231

Import Source

https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2024-50231.json

JSON Data

https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2024-50231

Upstream

CVE-2024-50231

Published

2024-11-09T11:15:09Z

Modified

2025-09-25T22:40:20Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved: iio: gts-helper: Fix memory leaks in iiogtsbuildavailscaletable() modprobe iio-test-gts and rmmod it, then the following memory leak occurs: unreferenced object 0xffffff80c810be00 (size 64): comm "kunittrycatch", pid 1654, jiffies 4294913981 hex dump (first 32 bytes): 02 00 00 00 08 00 00 00 20 00 00 00 40 00 00 00 ........ ...@... 80 00 00 00 00 02 00 00 00 04 00 00 00 08 00 00 ................ backtrace (crc a63d875e): [<0000000028c1b3c2>] kmemleakalloc+0x34/0x40 [<000000001d6ecc87>] _kmallocnoprof+0x2bc/0x3c0 [<00000000393795c1>] devmiioinitiiogts+0x4b4/0x16f4 [<0000000071bb4b09>] 0xffffffdf052a62e0 [<000000000315bc18>] 0xffffffdf052a6488 [<00000000f9dc55b5>] kunittryruncase+0x13c/0x3ac [<00000000175a3fd4>] kunitgenericrunthreadfnadapter+0x80/0xec [<00000000f505065d>] kthread+0x2e8/0x374 [<00000000bbfb0e5d>] retfromfork+0x10/0x20 unreferenced object 0xffffff80cbfe9e70 (size 16): comm "kunittrycatch", pid 1658, jiffies 4294914015 hex dump (first 16 bytes): 10 00 00 00 40 00 00 00 80 00 00 00 00 00 00 00 ....@........... backtrace (crc 857f0cb4): [<0000000028c1b3c2>] kmemleakalloc+0x34/0x40 [<000000001d6ecc87>] _kmallocnoprof+0x2bc/0x3c0 [<00000000393795c1>] devmiioinitiiogts+0x4b4/0x16f4 [<0000000071bb4b09>] 0xffffffdf052a62e0 [<000000007d089d45>] 0xffffffdf052a6864 [<00000000f9dc55b5>] kunittryruncase+0x13c/0x3ac [<00000000175a3fd4>] kunitgenericrunthreadfnadapter+0x80/0xec [<00000000f505065d>] kthread+0x2e8/0x374 [<00000000bbfb0e5d>] retfromfork+0x10/0x20 ...... It includes 5*5 times "size 64" memory leaks, which correspond to 5 times testinitiiogainscale() calls with gtstestgains size 10 (10*size(int)) and gtstestitimes size 5. It also includes 5*1 times "size 16" memory leak, which correspond to one time _testinitiiogainscale() call with gtstestgainsgainlow size 3 (3*size(int)) and gtstestitimes size 5. The reason is that the pertimegains[i] is not freed which is allocated in the "gts->numitime" for loop in iiogtsbuildavailscaletable().

References

https://security-tracker.debian.org/tracker/CVE-2024-50231

Affected packages

Debian:13 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.11.7-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:14 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.11.7-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}