CVE-2024-44971
Published: Sep 4, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() bcm_sf2_mdio_register() calls of_phy_find_device() and then phy_device_remove() in a loop to remove existing PHY devices. of_phy_find_device() eventually calls bus_find_device(), which calls get_device() on the returned struct device * to increment the refcount. The current implementation does not decrement the refcount, which causes memory leak. This commit adds the missing phy_device_free() call to decrement the refcount via put_device() to balance the refcount.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 771089c2a485958e423f305e974303760167b45c - < b7b8d9f5e679af60c94251fd6728dde34be69a71affected 771089c2a485958e423f305e974303760167b45c - < c05516c072903f6fb9134b8e7e1ad4bffcdc4819affected 771089c2a485958e423f305e974303760167b45c - < 7feef10768ea71d468d9bbc1e0d14c461876768caffected 771089c2a485958e423f305e974303760167b45c - < a7d2808d67570e6acae45c2a96e0d59986888e4caffected 771089c2a485958e423f305e974303760167b45c - < f3d5efe18a11f94150fee8b3fda9d62079af640a+1 more versions |
Linux | Linux | affected 5.10unaffected 0 - < 5.10unaffected 5.10.224 - <= 5.10.*unaffected 5.15.165 - <= 5.15.*unaffected 6.1.105 - <= 6.1.*+3 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now