CVE-2024-57887

HIGH

Linux Kernel 4.8-6.1.125, 5.11-6.1.125, 6.2-6.6.70, 6.7-6.12.9 - Use-After-Free in adv7533_attach_dsi()

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: drm: adv7511: Fix use-after-free in adv7533_attach_dsi() The host_node pointer was assigned and freed in adv7533_parse_dt(), and later, adv7533_attach_dsi() uses the same. Fix this use-after-free issue by dropping of_node_put() in adv7533_parse_dt() and calling of_node_put() in error path of probe() and also in the remove().

References (7)

Core 7

Scores

CVSS v3 7.8
EPSS 0.0021
EPSS Percentile 10.5%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-416
Status published
Products (18)
linux/Kernel 4.8.0 - 5.10.234linux
linux/Kernel 5.11.0 - 6.1.125linux
linux/Kernel 6.2.0 - 6.6.70linux
linux/Kernel 6.7.0 - 6.12.9linux
Linux/Linux < 4.8
Linux/Linux 1e4d58cd7f888522d16f221d628356befbb08468 - 1f49aaf55652580ae63ab83d67211fe6a55d83dc
Linux/Linux 1e4d58cd7f888522d16f221d628356befbb08468 - 81adbd3ff21c1182e06aa02c6be0bfd9ea02d8e8
Linux/Linux 1e4d58cd7f888522d16f221d628356befbb08468 - acec80d9f126cd3fa764bbe3d96bc0cb5cd2b087
Linux/Linux 1e4d58cd7f888522d16f221d628356befbb08468 - ca9d077350fa21897de8bf64cba23b198740aab5
Linux/Linux 1e4d58cd7f888522d16f221d628356befbb08468 - d208571943ffddc438a7ce533d5d0b9219806242
... and 8 more
Published Jan 15, 2025
Tracked Since Feb 18, 2026