CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-35828: wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()

Description

In the Linux kernel, the following vulnerability has been resolved:

wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()

In the for statement of lbs_allocate_cmd_buffer(), if the allocation of
cmdarray[i].cmdbuf fails, both cmdarray and cmdarray[i].cmdbuf needs to
be freed. Otherwise, there will be memleaks in lbs_allocate_cmd_buffer().

Classification

CVE ID: CVE-2024-35828

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 5.08% (scored less or equal to compared to others)

EPSS Date: 2025-02-04 (when was this score calculated)

References

https://git.kernel.org/stable/c/96481624fb5a6319079fb5059e46dbce43a90186
https://git.kernel.org/stable/c/bea9573c795acec5614d4ac2dcc7b3b684cea5bf
https://git.kernel.org/stable/c/f0dd27314c7afe34794c2aa19dd6f2d30eb23bc7
https://git.kernel.org/stable/c/e888c4461e109f7b93c3522afcbbaa5a8fdf29d2
https://git.kernel.org/stable/c/4d99d267da3415db2124029cb5a6d2d955ca43f9
https://git.kernel.org/stable/c/da10f6b7918abd5b4bc5c9cb66f0fc6763ac48f3
https://git.kernel.org/stable/c/d219724d4b0ddb8ec7dfeaed5989f23edabaf591
https://git.kernel.org/stable/c/8e243ac649c10922a6b4855170eaefe4c5b3faab
https://git.kernel.org/stable/c/5f0e4aede01cb01fa633171f0533affd25328c3a

Timeline