Description
In the Linux kernel, the following vulnerability has been resolved: scsi: aacraid: Fix double-free on probe failure aac_probe_one() calls hardware-specific init functions through the aac_driver_ident::init pointer, all of which eventually call down to aac_init_adapter(). If aac_init_adapter() fails after allocating memory for aac_dev::queues, it frees the memory but does not clear that member. After the hardware-specific init function returns an error, aac_probe_one() goes down an error path that frees the memory pointed to by aac_dev::queues, resulting.in a double-free.
References (10)
Core 10
Core References
Scores
CVSS v3
7.8
EPSS
0.0029
EPSS Percentile
20.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-415
Status
published
Products (27)
linux/Kernel
2.6.15 - 4.19.321linux
linux/Kernel
4.20.0 - 5.4.283linux
linux/Kernel
5.11.0 - 5.15.166linux
linux/Kernel
5.16.0 - 6.1.108linux
linux/Kernel
5.5.0 - 5.10.225linux
linux/Kernel
6.2.0 - 6.6.49linux
linux/Kernel
6.7.0 - 6.10.8linux
Linux/Linux
< 2.6.15
Linux/Linux
2.6.15
Linux/Linux
4.19.321 - 4.19.*
... and 17 more
Published
Sep 13, 2024
Tracked Since
Feb 18, 2026