CVE-2024-35828

low-risk
Published 2024-05-17

In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() In the for statement of lbs_allocate_cmd_buffer(), if the allocation of cmdarray[i].cmdbuf fails, both cmdarray and cmdarray[i].cmdbuf needs to be freed. Otherwise, there will be memleaks in lbs_allocate_cmd_buffer().

Do I need to act?

-
0.02% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.5/10 Medium
LOCAL / LOW complexity

Affected Products (2)

Affected Vendors

Debian Linux

References (20)

Patch https://git.kernel.org/stable/c/4d99d267da3415db2124029cb5a6d2d955ca43f9
Patch https://git.kernel.org/stable/c/5f0e4aede01cb01fa633171f0533affd25328c3a
Patch https://git.kernel.org/stable/c/8e243ac649c10922a6b4855170eaefe4c5b3faab
Patch https://git.kernel.org/stable/c/96481624fb5a6319079fb5059e46dbce43a90186
Patch https://git.kernel.org/stable/c/bea9573c795acec5614d4ac2dcc7b3b684cea5bf
Patch https://git.kernel.org/stable/c/d219724d4b0ddb8ec7dfeaed5989f23edabaf591
Patch https://git.kernel.org/stable/c/da10f6b7918abd5b4bc5c9cb66f0fc6763ac48f3
Patch https://git.kernel.org/stable/c/e888c4461e109f7b93c3522afcbbaa5a8fdf29d2
Patch https://git.kernel.org/stable/c/f0dd27314c7afe34794c2aa19dd6f2d30eb23bc7
Patch https://git.kernel.org/stable/c/4d99d267da3415db2124029cb5a6d2d955ca43f9
Patch https://git.kernel.org/stable/c/5f0e4aede01cb01fa633171f0533affd25328c3a
Patch https://git.kernel.org/stable/c/8e243ac649c10922a6b4855170eaefe4c5b3faab
Patch https://git.kernel.org/stable/c/96481624fb5a6319079fb5059e46dbce43a90186
Patch https://git.kernel.org/stable/c/bea9573c795acec5614d4ac2dcc7b3b684cea5bf
Patch https://git.kernel.org/stable/c/d219724d4b0ddb8ec7dfeaed5989f23edabaf591
Patch https://git.kernel.org/stable/c/da10f6b7918abd5b4bc5c9cb66f0fc6763ac48f3
Patch https://git.kernel.org/stable/c/e888c4461e109f7b93c3522afcbbaa5a8fdf29d2
Patch https://git.kernel.org/stable/c/f0dd27314c7afe34794c2aa19dd6f2d30eb23bc7
Mailing List https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
Mailing List https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
25
/ 100
low-risk
Severity 18/34 · Moderate
Exploitability 0/34 · Minimal
Exposure 7/34 · Low