CVE-2024-27388

SUNRPC: fix some memleaks in gssx_dec_option_array

Description

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix some memleaks in gssx_dec_option_array The creds and oa->data need to be freed in the error-handling paths after their allocation. So this patch add these deallocations in the corresponding paths.

INFO

Published Date :

2024-05-01T13:05:05.518Z

Last Modified :

2025-05-04T09:03:54.661Z

Source :

Linux

AFFECTED PRODUCTS

The following products are affected by CVE-2024-27388 vulnerability.

Vendors	Products
Debian	Debian Linux
Linux	Linux Kernel
Redhat	Enterprise Linux

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-27388.

URL	Resource
https://git.kernel.org/stable/c/3cfcfc102a5e57b021b786a755a38935e357797d
https://git.kernel.org/stable/c/5e6013ae2c8d420faea553d363935f65badd32c3
https://git.kernel.org/stable/c/934212a623cbab851848b6de377eb476718c3e4c
https://git.kernel.org/stable/c/9806c2393cd2ab0a8e7bb9ffae02ce20e3112ec4
https://git.kernel.org/stable/c/996997d1fb2126feda550d6adcedcbd94911fc69
https://git.kernel.org/stable/c/b97c37978ca825557d331c9012e0c1ddc0e42364
https://git.kernel.org/stable/c/bb336cd8d5ecb69c430ebe3e7bcff68471d93fa8
https://git.kernel.org/stable/c/bfa9d86d39a0fe4685f90c3529aa9bd62a9d97a8
https://git.kernel.org/stable/c/dd292e884c649f9b1c18af0ec75ca90b390cd044
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
https://lore.kernel.org/linux-cve-announce/2024050135-CVE-2024-27388-04eb@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-27388
https://www.cve.org/CVERecord?id=CVE-2024-27388

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact