CVE-2024-46673
Published: Sep 13, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: scsi: aacraid: Fix double-free on probe failure aac_probe_one() calls hardware-specific init functions through the aac_driver_ident::init pointer, all of which eventually call down to aac_init_adapter(). If aac_init_adapter() fails after allocating memory for aac_dev::queues, it frees the memory but does not clear that member. After the hardware-specific init function returns an error, aac_probe_one() goes down an error path that frees the memory pointed to by aac_dev::queues, resulting.in a double-free.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 8e0c5ebde82b08f6d996e11983890fc4cc085fab - < d237c7d06ffddcdb5d36948c527dc01284388218affected 8e0c5ebde82b08f6d996e11983890fc4cc085fab - < 564e1986b00c5f05d75342f8407f75f0a17b94dfaffected 8e0c5ebde82b08f6d996e11983890fc4cc085fab - < 9e96dea7eff6f2bbcd0b42a098012fc66af9eb69affected 8e0c5ebde82b08f6d996e11983890fc4cc085fab - < 85449b28ff6a89c4513115e43ddcad949b5890c9affected 8e0c5ebde82b08f6d996e11983890fc4cc085fab - < 60962c3d8e18e5d8dfa16df788974dd7f35bd87a+3 more versions |
Linux | Linux | affected 2.6.15unaffected 0 - < 2.6.15unaffected 4.19.321 - <= 4.19.*unaffected 5.4.283 - <= 5.4.*unaffected 5.10.225 - <= 5.10.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now