CVE-2024-42069 Information

Description

In the Linux kernel the following vulnerability has been resolved:

net: mana: Fix possible double free in error handling path

When auxiliary_device_add() returns error and then calls auxiliary_device_uninit() callback function adev_release calls kfree(madev). We shouldn’t call kfree(madev) again in the error handling path. Set ‘madev’ to NULL.

Reference

https://git.kernel.org/stable/c/3243e64eb4d897c3eeb48b2a7221ab5a95e1282a https://git.kernel.org/stable/c/ed45c0a0b662079d4c0e518014cc148c753979b4 https://git.kernel.org/stable/c/1864b8224195d0e43ddb92a8151f54f6562090cc