CVE-2024-43913 Information

Description

In the Linux kernel the following vulnerability has been resolved:

nvme: apple: fix device reference counting

Drivers must call nvme_uninit_ctrl after a successful nvme_init_ctrl. Split the allocation side out to make the error handling boundary easier to navigate. The apple driver had been doing this wrong leaking the controller device memory on a tagset failure.

Reference

https://git.kernel.org/stable/c/d59c4d0eb6adc24c2201f153ccb7fd0a335b0d3d https://git.kernel.org/stable/c/b9ecbfa45516182cd062fecd286db7907ba84210