CVE-2024-56766
Published: 06 January 2025
Description
In the Linux kernel, the following vulnerability has been resolved:

mtd: rawnand: fix double free in atmel_pmecc_create_user()

The "user" pointer was converted from being allocated with kzalloc() to being allocated by devm_kzalloc(). Calling kfree(user) will lead to a double free.
Security Summary
CVE-2024-56766 is a double free vulnerability (CWE-415) in the Linux kernel's MTD raw NAND subsystem, specifically within the atmel_pmecc_create_user() function. The issue arises because the "user" pointer allocation was changed from kzalloc() to devm_kzalloc(), but the code still calls kfree() on it, resulting in a double free. It affects Linux kernel versions prior to the application of the relevant stable patches and has a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
A local attacker with low privileges can exploit this vulnerability due to its low attack complexity and lack of user interaction requirements. Successful exploitation could lead to high impacts on confidentiality, integrity, and availability, potentially allowing arbitrary code execution, data corruption, or system crashes within the kernel context.
Mitigation is provided through upstream kernel patches available in the following stable commit references:
- https://git.kernel.org/stable/c/1562871ef613fa9492aa0310933eff785166a90e
- https://git.kernel.org/stable/c/3d825a241e65f7e3072978729e79d735ec40b80e
- https://git.kernel.org/stable/c/6ea15205d7e2b811fbbdf79783f686f58abfb4b7
- https://git.kernel.org/stable/c/ca9818554b0f33e87f38e4bfa2dac056692d46cc
- https://git.kernel.org/stable/c/d2f090ea57f8d6587e09d4066f740a8617767b3d

Security practitioners should update affected Linux kernels to incorporate these fixes.
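The ownership mistake described above, as an added userspace model (not code from the kernel or from this advisory): a device-managed allocator frees its allocations when the device is released, so a manual free of the same pointer is counted as a second free. All model_* names are hypothetical, and the failing setup step that triggers the manual free is an assumption made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>

/* Userspace model, not kernel code; every model_* name is hypothetical. */
#define MAX_RES 8
struct res { void *ptr; int frees; };           /* one tracked allocation */
struct model_dev { struct res res[MAX_RES]; int n; };

/* Stand-in for devm_kzalloc(): the device records what it must free. */
static void *model_devm_alloc(struct model_dev *d, size_t size)
{
    void *p = d->n < MAX_RES ? calloc(1, size) : NULL;
    if (p) d->res[d->n++] = (struct res){ p, 0 };
    return p;
}

/* Stand-in for a manual kfree(): only records the free request. */
static void model_kfree(struct model_dev *d, void *p)
{
    for (int i = 0; i < d->n; i++)
        if (d->res[i].ptr == p) d->res[i].frees++;
}

/* Stand-in for managed cleanup on device release: frees every recorded
 * allocation and counts those the driver had already freed by hand. */
static int model_dev_release(struct model_dev *d)
{
    int doubles = 0;
    for (int i = 0; i < d->n; i++) {
        if (d->res[i].frees++ > 0) doubles++;
        free(d->res[i].ptr);      /* real memory is released exactly once */
    }
    d->n = 0;
    return doubles;
}

/* Models a create function whose later setup step fails (assumption). */
static void model_create_user(struct model_dev *d, int manual_free)
{
    void *user = model_devm_alloc(d, 64);
    if (user && manual_free)
        model_kfree(d, user);     /* pre-fix pattern: manual free as well */
}

/* Returns how many allocations were freed twice over the device's life. */
int run_model(int manual_free)
{
    struct model_dev d = { .n = 0 };
    model_create_user(&d, manual_free);
    return model_dev_release(&d);
}

int main(void)
{
    printf("pre-fix: %d, fixed: %d\n", run_model(1), run_model(0));
    return 0;
}
```

The model records the manual free instead of performing it, so the program itself never frees memory twice while still showing which ownership pattern would.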
Details
- CWE(s)