CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-56676: thermal: testing: Initialize some variables annoteded with _free()

Description

In the Linux kernel, the following vulnerability has been resolved:

thermal: testing: Initialize some variables annoteded with _free()

Variables annotated with __free() need to be initialized if the function
can return before they get updated for the first time or the attempt to
free the memory pointed to by them upon function return may crash the
kernel.

Fix this issue in some places in the thermal testing code.

Classification

CVE ID: CVE-2024-56676

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.48% (scored less or equal to compared to others)

EPSS Date: 2025-02-04 (when was this score calculated)

References

https://git.kernel.org/stable/c/526c132124a62be486bad1701f7e8e92212ccec6
https://git.kernel.org/stable/c/0104dcdaad3a7afd141e79a5fb817a92ada910ac

Timeline

2024-12-29 00:30:31 UTC
CVE

thermal: testing: Initialize some variables annoteded with _free()