Bugzilla – Bug 1224711
VUL-0: CVE-2024-27433: kernel: clk: mediatek: mt7622-apmixedsys: Fix an error handling path in clk_mt8135_apmixed_probe()
Last modified: 2024-05-23 11:58:20 UTC
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: mt7622-apmixedsys: Fix an error handling path in clk_mt8135_apmixed_probe() 'clk_data' is allocated with mtk_devm_alloc_clk_data(). So calling mtk_free_clk_data() explicitly in the remove function would lead to a double-free. Remove the redundant call. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-27433 https://www.cve.org/CVERecord?id=CVE-2024-27433 https://git.kernel.org/stable/c/a32e88f2b20259f5fe4f8eed598bbc85dc4879ed https://git.kernel.org/stable/c/de3340533bd68a7b3d6be1841b8eb3fa6c762fe6 https://git.kernel.org/stable/c/f3633fed984f1db106ff737a0bb52fadb2d89ac7 https://git.kernel.org/stable/c/fa761ce7a1d15cca1a306b3635f81a22b15fee5b https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2024/CVE-2024-27433.mbox https://bugzilla.redhat.com/show_bug.cgi?id=2281137
https://www.suse.com/security/cve/CVE-2024-27433.html cvss 5.5
joeyli@linux-691t:/mnt/working/source_code-git/kernel-source> ./scripts/check-kernel-fix CVE-2024-27433 a32e88f2b202 ("clk: mediatek: mt7622-apmixedsys: Fix an error handling path in clk_mt8135_apmixed_probe()") merged v6.9-rc1~100^2~3^4~8 Fixes: c50e2ea6507b ("clk: mediatek: mt7622-apmixedsys: Add .remove() callback for module build") merged v6.4-rc1~74^2~4^2~52 Security fix for CVE-2024-27433 bsc#1224711 with CVSS 5.5 Experts candidates: tiwai@suse.de .............................. ACTION NEEDED! SLE15-SP6: MANUAL: backport a32e88f2b20259f5fe4f8eed598bbc85dc4879ed (Fixes c50e2ea6507b)