Description

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix double free issue with interrupt buffer allocation In lan78xx_probe(), the buffer `buf` was being freed twice: once implicitly through `usb_free_urb(dev->urb_intr)` with the `URB_FREE_BUFFER` flag and again explicitly by `kfree(buf)`. This caused a double free issue. To resolve this, reordered `kmalloc()` and `usb_alloc_urb()` calls to simplify the initialization sequence and removed the redundant `kfree(buf)`. Now, `buf` is allocated after `usb_alloc_urb()`, ensuring it is correctly managed by `usb_fill_int_urb()` and freed by `usb_free_urb()` as intended.

INFO

Published Date :

2024-12-27T13:49:58.709Z

Last Modified :

2026-03-04T13:16:08.922Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-53213 vulnerability.

Vendors Products
Linux
  • Linux Kernel
Redhat
  • Enterprise Linux
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-53213.

URL Resource
https://git.kernel.org/stable/c/03819abbeb11117dcbba40bfe322b88c0c88a6b6 cve-icon cve-icon
https://git.kernel.org/stable/c/7ac9f3c981eeceee2ec4d30d850f4a6f50a1ec40 cve-icon cve-icon
https://git.kernel.org/stable/c/977128343fc2a30737399b58df8ea77e94f164bd cve-icon cve-icon
https://git.kernel.org/stable/c/a422ebec863d99d5607fb41bb7af3347fcb436d3 cve-icon cve-icon
https://git.kernel.org/stable/c/b09512aea6223eec756f52aa584fc29eeab57480 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html cve-icon
https://lore.kernel.org/linux-cve-announce/2024122730-CVE-2024-53213-baa6@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-53213 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-53213 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact