CVE-2024-57980
Description
In the Linux kernel, the following vulnerability has been resolved:

media: uvcvideo: Fix double free in error path

If the uvc_status_init() function fails to allocate the int_urb, it will free the dev->status pointer but doesn't reset the pointer to NULL. This results in the kfree() call in uvc_status_cleanup() trying to double-free the memory. Fix it by resetting the dev->status pointer to NULL after freeing it.

Reviewed by: Ricardo Ribalda <ribalda@chromium.org>
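
The error path described above, modelled in user-space C as an added example (not the driver's code and not the upstream patch). The struct, the function names and the counting stand-in for kfree() are hypothetical; releases are counted rather than performed so the unfixed path can be run safely.

```c
#include <stddef.h>

/* User-space model only: names are hypothetical stand-ins for the
 * dev->status / int_urb handling the description talks about. */
struct model_dev {
    void *status;    /* models dev->status */
    void *int_urb;   /* models the URB whose allocation fails */
};

static char backing[16];   /* stands in for the allocated status buffer */
static int release_count;  /* releases attempted on that buffer */

/* Counting stand-in for kfree(): NULL is a no-op, anything else is a release. */
static void model_kfree(void *p)
{
    if (p)
        release_count++;
}

/* Init path: status is allocated, then the URB allocation fails (simulated). */
static int model_status_init(struct model_dev *dev, int reset_pointer)
{
    dev->status = backing;
    dev->int_urb = NULL;              /* simulated allocation failure */
    if (!dev->int_urb) {
        model_kfree(dev->status);
        if (reset_pointer)
            dev->status = NULL;       /* the fix: drop the stale pointer */
        return -1;
    }
    return 0;
}

/* Cleanup path: runs later and releases whatever dev->status still holds. */
static void model_status_cleanup(struct model_dev *dev)
{
    model_kfree(dev->status);
}

/* Returns how many times the status buffer was released: 2 = double free. */
int releases_after_failed_init(int reset_pointer)
{
    struct model_dev dev = { NULL, NULL };

    release_count = 0;
    model_status_init(&dev, reset_pointer);
    model_status_cleanup(&dev);
    return release_count;
}
```

A return value of 2 corresponds to the double free; with the pointer reset, cleanup sees NULL and the buffer is released once.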
Mitigations
Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2025-11299.html
Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2025:11299
Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2025-11298.html
Vendor advisory: alma — https://bugzilla.redhat.com/2363378
Vendor advisory: alma — https://bugzilla.redhat.com/2363305
Vendor advisory: alma — https://bugzilla.redhat.com/2363268
Vendor advisory: alma — https://bugzilla.redhat.com/2357142
Vendor advisory: alma — https://bugzilla.redhat.com/2356917
Vendor advisory: alma — https://bugzilla.redhat.com/2348513
Vendor advisory: alma — https://bugzilla.redhat.com/2348254
Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2025:11298
Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2025-11861.html
Vendor advisory: alma — https://bugzilla.redhat.com/2376035
Vendor advisory: alma — https://bugzilla.redhat.com/2375305
Vendor advisory: alma — https://bugzilla.redhat.com/2367572
Vendor advisory: alma — https://bugzilla.redhat.com/2363672
Vendor advisory: alma — https://bugzilla.redhat.com/2360219
Vendor advisory: alma — https://bugzilla.redhat.com/2360212
Vendor advisory: alma — https://bugzilla.redhat.com/2360199
Vendor advisory: alma — https://bugzilla.redhat.com/2360186
Vendor advisory: alma — https://bugzilla.redhat.com/2356613
Vendor advisory: alma — https://bugzilla.redhat.com/2348599
Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2024-57980
Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2025:11861
Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2024-57980.html
Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2025:11298
Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2025:11299
Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2025:11861
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| rhel | 9 | fixed | |
| rocky | 8 | fixed | |
| sles | | affected | |
| rocky | 9 | fixed | |
| debian | bookworm | fixed | 6.1.129-1 |
| debian | bullseye | fixed | 5.10.237-1 |
| debian | forky | fixed | 6.12.13-1 |
| debian | sid | fixed | 6.12.13-1 |
| debian | trixie | fixed | 6.12.13-1 |