CVE-2024-56746

In the Linux kernel, the following vulnerability has been resolved: fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem() When information such as info->screen_base is not ready, calling sh7760fb_free_mem() does not release memory correctly. Call dma_free_coherent() instead.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/0d3fb3b3e9d66f7b6346e3b90bc0ff48683539ce	Patch
https://git.kernel.org/stable/c/29216bb390e36daeebef66abaa02d9751330252b	Patch
https://git.kernel.org/stable/c/3dd9df8e5f34c6fc4217a7498c1fb3c352d4afc2	Patch
https://git.kernel.org/stable/c/40f4326ed05a3b3537556ff2a844958b9e779a98	Patch
https://git.kernel.org/stable/c/bad37309c8b8bf1cfc893750df0951a804009ca0	Patch
https://git.kernel.org/stable/c/d10cd53e5a7fb3b7c6f83d4d9a5ea1d97a3ed9a5	Patch
https://git.kernel.org/stable/c/d48cbfa90dce506030151915fa3346d67f964af4	Patch
https://git.kernel.org/stable/c/f4fbd70e15fafe36a7583954ce189aaf5536aeec	Patch
https://git.kernel.org/stable/c/f89d17ae2ac42931be2a0153fecbf8533280c927	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

07 Jan 2025, 22:47

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
CWE		CWE-401
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: fbdev: sh7760fb: Se solucionó una posible pérdida de memoria en sh7760fb_alloc_mem(). Cuando la información como info->screen_base no está lista, llamar a sh7760fb_free_mem() no libera la memoria correctamente. En su lugar, llame a dma_free_coherent().
CPE		cpe:2.3:o:linux:linux_kernel::::::::
First Time		Linux Linux linux Kernel
References	~~() https://git.kernel.org/stable/c/0d3fb3b3e9d66f7b6346e3b90bc0ff48683539ce -~~	() https://git.kernel.org/stable/c/0d3fb3b3e9d66f7b6346e3b90bc0ff48683539ce - Patch
References	~~() https://git.kernel.org/stable/c/29216bb390e36daeebef66abaa02d9751330252b -~~	() https://git.kernel.org/stable/c/29216bb390e36daeebef66abaa02d9751330252b - Patch
References	~~() https://git.kernel.org/stable/c/3dd9df8e5f34c6fc4217a7498c1fb3c352d4afc2 -~~	() https://git.kernel.org/stable/c/3dd9df8e5f34c6fc4217a7498c1fb3c352d4afc2 - Patch
References	~~() https://git.kernel.org/stable/c/40f4326ed05a3b3537556ff2a844958b9e779a98 -~~	() https://git.kernel.org/stable/c/40f4326ed05a3b3537556ff2a844958b9e779a98 - Patch
References	~~() https://git.kernel.org/stable/c/bad37309c8b8bf1cfc893750df0951a804009ca0 -~~	() https://git.kernel.org/stable/c/bad37309c8b8bf1cfc893750df0951a804009ca0 - Patch
References	~~() https://git.kernel.org/stable/c/d10cd53e5a7fb3b7c6f83d4d9a5ea1d97a3ed9a5 -~~	() https://git.kernel.org/stable/c/d10cd53e5a7fb3b7c6f83d4d9a5ea1d97a3ed9a5 - Patch
References	~~() https://git.kernel.org/stable/c/d48cbfa90dce506030151915fa3346d67f964af4 -~~	() https://git.kernel.org/stable/c/d48cbfa90dce506030151915fa3346d67f964af4 - Patch
References	~~() https://git.kernel.org/stable/c/f4fbd70e15fafe36a7583954ce189aaf5536aeec -~~	() https://git.kernel.org/stable/c/f4fbd70e15fafe36a7583954ce189aaf5536aeec - Patch
References	~~() https://git.kernel.org/stable/c/f89d17ae2ac42931be2a0153fecbf8533280c927 -~~	() https://git.kernel.org/stable/c/f89d17ae2ac42931be2a0153fecbf8533280c927 - Patch

29 Dec 2024, 12:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-12-29 12:15

Updated : 2025-01-07 22:47

NVD link : CVE-2024-56746

Mitre link : CVE-2024-56746

CVE.ORG link : CVE-2024-56746

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-401

Missing Release of Memory after Effective Lifetime

5.5 /10