CVE-2024-26839: IB/hfi1: Fix a memleak in init_credit_return

Description

In the Linux kernel, the following vulnerability has been resolved:

IB/hfi1: Fix a memleak in init_credit_return

When dma_alloc_coherent fails to allocate dd->cr_base[i].va,
init_credit_return should deallocate dd->cr_base and
dd->cr_base[i] that were allocated before. Otherwise those resources
would never be freed and a memleak is triggered.
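
The error path the description refers to, as an added userspace C model (not the kernel's code and not taken from the fix commits). Only `cr_base` and `va` come from the description; `test_alloc`, `test_free`, `free_cr`, `init_cr`, the `unwind` flag and the struct names are hypothetical, and `test_alloc` stands in for the kernel allocators so that a failure can be injected at a chosen call.

```c
#include <stdlib.h>

/* Userspace model: test_alloc() stands in for the kernel allocators. */
static int live_allocs, alloc_calls, fail_at = -1;

static void *test_alloc(size_t n)
{
    /* Fail exactly the allocator call numbered fail_at (0-based). */
    void *p = (alloc_calls++ == fail_at) ? NULL : calloc(1, n);
    if (p) live_allocs++;
    return p;
}
static void test_free(void *p) { if (p) { live_allocs--; free(p); } }

struct cr_entry { void *va; };
struct dev_data { struct cr_entry *cr_base; int num_nodes; };

static void free_cr(struct dev_data *dd)
{
    for (int i = 0; dd->cr_base && i < dd->num_nodes; i++)
        test_free(dd->cr_base[i].va);   /* NULL slots are skipped */
    test_free(dd->cr_base);
    dd->cr_base = NULL;
}

/* unwind = 0: leaking error path; unwind = 1: corrected error path */
static int init_cr(struct dev_data *dd, int nodes, int unwind)
{
    dd->num_nodes = nodes;
    dd->cr_base = test_alloc(nodes * sizeof(*dd->cr_base));
    if (!dd->cr_base) return -1;
    for (int i = 0; i < nodes; i++) {
        dd->cr_base[i].va = test_alloc(64);
        if (dd->cr_base[i].va) continue;
        if (unwind) free_cr(dd);        /* release array and earlier buffers */
        return -1;
    }
    return 0;
}

/* Allocations still live after init fails on allocator call fail_call */
int leaked_after_failure(int fail_call, int unwind)
{
    struct dev_data dd = {0};
    live_allocs = alloc_calls = 0;
    fail_at = fail_call;
    init_cr(&dd, 4, unwind);
    return live_allocs;
}
```

With the third per-node allocation failing, the path without the unwind leaves the array and the two earlier buffers allocated, while the path with the unwind leaves nothing behind.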

Classification

CVE ID: CVE-2024-26839

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 5.08% (proportion of other vulnerabilities scored less than or equal to this one)

EPSS Date: 2025-02-04 (when this score was calculated)

References

https://git.kernel.org/stable/c/2e4f9f20b32658ef3724aa46f7aef4908d2609e3
https://git.kernel.org/stable/c/cecfb90cf71d91e9efebd68b9e9b84661b277cc8
https://git.kernel.org/stable/c/3fa240bb6b2dbb3e7a3ee1440a4889cbb6207eb7
https://git.kernel.org/stable/c/52de5805c147137205662af89ed7e083d656ae25
https://git.kernel.org/stable/c/f0d857ce31a6bc7a82afcdbadb8f7417d482604b
https://git.kernel.org/stable/c/b41d0ade0398007fb746213f09903d52a920e896
https://git.kernel.org/stable/c/8412c86e89cc78d8b513cb25cf2157a2adf3670a
https://git.kernel.org/stable/c/809aa64ebff51eb170ee31a95f83b2d21efa32e2

Timeline