CVE-2024-56746

MEDIUM

Linux Kernel - Use-After-Free in sh7760fb Memory Allocation

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem() When information such as info->screen_base is not ready, calling sh7760fb_free_mem() does not release memory correctly. Call dma_free_coherent() instead.

References (10)

Core 10

Core References

Mailing List

https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html

Patch

https://git.kernel.org/stable/c/0d3fb3b3e9d66f7b6346e3b90bc0ff48683539ce

Patch

https://git.kernel.org/stable/c/d48cbfa90dce506030151915fa3346d67f964af4

Patch

https://git.kernel.org/stable/c/29216bb390e36daeebef66abaa02d9751330252b

Patch

https://git.kernel.org/stable/c/f4fbd70e15fafe36a7583954ce189aaf5536aeec

Patch

https://git.kernel.org/stable/c/40f4326ed05a3b3537556ff2a844958b9e779a98

Patch

https://git.kernel.org/stable/c/3dd9df8e5f34c6fc4217a7498c1fb3c352d4afc2

Patch

https://git.kernel.org/stable/c/d10cd53e5a7fb3b7c6f83d4d9a5ea1d97a3ed9a5

Patch

https://git.kernel.org/stable/c/bad37309c8b8bf1cfc893750df0951a804009ca0

Patch

https://git.kernel.org/stable/c/f89d17ae2ac42931be2a0153fecbf8533280c927

Scores

CVSS v3 5.5

EPSS 0.0021

EPSS Percentile 11.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-401

Status published

Products (29)

linux/Kernel 2.6.27 - 4.19.325linux

linux/Kernel 4.20.0 - 5.4.287linux

linux/Kernel 5.11.0 - 5.15.174linux

linux/Kernel 5.16.0 - 6.1.120linux

linux/Kernel 5.5.0 - 5.10.231linux

linux/Kernel 6.12.0 - 6.12.2linux

linux/Kernel 6.2.0 - 6.6.64linux

linux/Kernel 6.7.0 - 6.11.11linux

Linux/Linux < 2.6.27

Linux/Linux 2.6.27

... and 19 more

Published Dec 29, 2024

Tracked Since Feb 18, 2026