CVE-2024-53213
Published: Dec 27, 2024
Modified: Jun 1, 2026
Description
In the Linux kernel, the following vulnerability has been resolved:

net: usb: lan78xx: Fix double free issue with interrupt buffer allocation

In lan78xx_probe(), the buffer `buf` was being freed twice: once implicitly through `usb_free_urb(dev->urb_intr)` with the `URB_FREE_BUFFER` flag and again explicitly by `kfree(buf)`. This caused a double free issue.

To resolve this, reordered `kmalloc()` and `usb_alloc_urb()` calls to simplify the initialization sequence and removed the redundant `kfree(buf)`. Now, `buf` is allocated after `usb_alloc_urb()`, ensuring it is correctly managed by `usb_fill_int_urb()` and freed by `usb_free_urb()` as intended.

| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | affected 3281ebb3dc5ef19507e65523e9f8c00e20b285ca - < cc5aa8e3ad69dcedeba79e667d4a2efb72a305af; affected dcafa5a8452738eb28085f559b0683d55e22b2f5 - < 2970ef2fce90c661952ec2b451b0276d5f8d6180; affected a6df95cae40bee555e01a37b4023ce8e97ffa249 - < 977128343fc2a30737399b58df8ea77e94f164bd; affected a6df95cae40bee555e01a37b4023ce8e97ffa249 - < a422ebec863d99d5607fb41bb7af3347fcb436d3; affected a6df95cae40bee555e01a37b4023ce8e97ffa249 - < b09512aea6223eec756f52aa584fc29eeab57480; +4 more versions |
| Linux | Linux | affected 5.17; unaffected 0 - < 5.17; unaffected 5.10.258 - <= 5.10.*; unaffected 5.15.209 - <= 5.15.*; unaffected 6.1.120 - <= 6.1.*; +4 more versions |
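
The ownership rule behind the double free in the description, as a userspace C model added here for illustration (not code from the kernel driver or from the fix). `mock_urb`, `mock_kfree`, `mock_free_urb`, `MOCK_FREE_BUFFER` and `run_probe` are hypothetical stand-ins, and the model assumes both releases happen in one cleanup sequence.

```c
#include <stdlib.h>

/* Userspace model; every name here is hypothetical, not a kernel symbol. */
#define MOCK_FREE_BUFFER 0x1    /* plays the role of URB_FREE_BUFFER */

struct mock_urb { void *buf; unsigned flags; };

static void *watched;           /* buffer whose releases are counted */
static int   releases;          /* times the watched buffer was released */

/* Stand-in for kfree(): counts releases of the watched buffer rather than
 * freeing it, so the "before" path can run without corrupting the heap. */
static void mock_kfree(void *p)
{
    if (p && p == watched) { releases++; return; }
    free(p);
}

/* Stand-in for usb_free_urb(): with the flag set, the URB owns its buffer. */
static void mock_free_urb(struct mock_urb *u)
{
    if (!u) return;
    if (u->flags & MOCK_FREE_BUFFER) mock_kfree(u->buf);
    free(u);
}

/* Runs setup then cleanup; returns how often buf was released (-1 on OOM). */
static int run_probe(int fixed)
{
    struct mock_urb *u = calloc(1, sizeof *u);
    if (!u) return -1;
    void *buf = malloc(16);     /* allocated after the URB, the order the fix uses */
    if (!buf) { free(u); return -1; }
    watched = buf; releases = 0;
    u->buf = buf;               /* models usb_fill_int_urb() attaching buf */
    u->flags |= MOCK_FREE_BUFFER;

    mock_free_urb(u);             /* first release, through the URB */
    if (!fixed) mock_kfree(buf);  /* "before": redundant explicit release */

    int n = releases;
    watched = NULL;
    free(buf);                  /* the real release, exactly once */
    return n;
}

int main(void) { return !(run_probe(0) == 2 && run_probe(1) == 1); }
```

Once the buffer is attached with the free-buffer flag, the URB is its only owner, so any later explicit free of the same pointer is the second release.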