Description

In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix potential use after free bug The free_device_compression_mode(iaa_device, device_mode) function frees "device_mode" but it iss passed to iaa_compression_modes[i]->free() a few lines later resulting in a use after free. The good news is that, so far as I can tell, nothing implements the ->free() function and the use after free happens in dead code. But, with this fix, when something does implement it, we'll be ready. :)

INFO

Published Date :

2024-10-21T12:14:03.863Z

Last Modified :

2025-05-04T09:38:29.225Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-47732 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-47732.

URL Resource
https://git.kernel.org/stable/c/b5d534b473e2c8d3e4560be2dd6c12a8eb9d61e9 cve-icon cve-icon
https://git.kernel.org/stable/c/c66f0be993ba52410edab06124c54ecf143b05c1 cve-icon cve-icon
https://git.kernel.org/stable/c/e0d3b845a1b10b7b5abdad7ecc69d45b2aab3209 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024102106-CVE-2024-47732-f8aa@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-47732 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-47732 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact