CVE-2024-40934

MEDIUM

Linux Kernel - Use-After-Free in HID Logitech DJ Receiver

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() Fix a memory leak on logi_dj_recv_send_report() error path.

References (10)

Core 10

Core References

Mailing List

https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Vendor Advisory

https://cert-portal.siemens.com/productcert/html/ssa-265688.html

Vendor Advisory

https://cert-portal.siemens.com/productcert/html/ssa-355557.html

Patch

https://git.kernel.org/stable/c/15122dc140d82c51c216535c57b044c4587aae45

Patch

https://git.kernel.org/stable/c/caa9c9acb93db7ad7b74b157cf101579bac9596d

Patch

https://git.kernel.org/stable/c/a0503757947f2e46e59c1962326b53b3208c8213

Patch

https://git.kernel.org/stable/c/789c99a1d7d2c8f6096d75fc2930505840ec9ea0

Patch

https://git.kernel.org/stable/c/f677ca8cfefee2a729ca315f660cd4868abdf8de

Patch

https://git.kernel.org/stable/c/1df2ead5dfad5f8f92467bd94889392d53100b98

Patch

https://git.kernel.org/stable/c/ce3af2ee95170b7d9e15fff6e500d67deab1e7b3

Scores

CVSS v3 5.5

EPSS 0.0026

EPSS Percentile 17.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-401

Status published

Products (32)

linux/Kernel < 5.4.279linux

linux/Kernel 5.11.0 - 5.15.162linux

linux/Kernel 5.16.0 - 6.1.95linux

linux/Kernel 5.5.0 - 5.10.221linux

linux/Kernel 6.2.0 - 6.6.35linux

linux/Kernel 6.6.0 - 6.9.6linux

Linux/Linux < 6.6

Linux/Linux 00ab92481d3a40a5ad323df4c518068f66ce49f1

Linux/Linux 144becd79c196f02143ca71fc10766bd0cc660a1

Linux/Linux 4fb28379b3c735398b252a979c991b340baa6b5b - a0503757947f2e46e59c1962326b53b3208c8213

... and 22 more

Published Jul 12, 2024

Tracked Since Feb 18, 2026