Bug 1227799 (CVE-2024-40939) - VUL-0: CVE-2024-40939: kernel: net: wwan: iosm: Fix tainted pointer delete is case of region creation fail
Summary: VUL-0: CVE-2024-40939: kernel: net: wwan: iosm: Fix tainted pointer delete is...
Status: NEW
Alias: CVE-2024-40939
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Denis Kirjanov
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/413866/
Whiteboard: CVSSv3.1:SUSE:CVE-2024-40939:5.5:(AV:...
Keywords:
Depends on:
Blocks:
 
Reported: 2024-07-15 12:42 UTC by SMASH SMASH
Modified: 2024-07-17 14:26 UTC (History)
4 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description SMASH SMASH 2024-07-15 12:42:08 UTC 
In the Linux kernel, the following vulnerability has been resolved:

net: wwan: iosm: Fix tainted pointer delete is case of region creation fail

In case of region creation fail in ipc_devlink_create_region(), previously
created regions delete process starts from tainted pointer which actually
holds error code value.
Fix this bug by decreasing region index before delete.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-40939
https://www.cve.org/CVERecord?id=CVE-2024-40939
https://git.kernel.org/stable/c/040d9384870386eb5dc55472ac573ac7756b2050
https://git.kernel.org/stable/c/37a438704d19bdbe246d51d3749b6b3a8fe65afd
https://git.kernel.org/stable/c/b0c9a26435413b81799047a7be53255640432547
https://git.kernel.org/stable/c/fe394d59cdae81389dbf995e87c83c1acd120597
https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2024/CVE-2024-40939.mbox