CVE-2024-50055

HIGH EPSS 16.4%

Published Oct 21, 20241y ago · Modified Jun 18, 20261w ago

7.8 CVSS 3.1

High

Published Oct 21, 2024 1y ago

Last Modified Jun 18, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: driver core: bus: Fix double free in driver API bus_register() For bus_register(), any error which happens after kset_register() will cause that @priv are freed twice, fixed by setting @priv with NULL after the first free.

CVSS Details

Base Score

7.8

Exploitability

1.8

Impact

5.9

Vector string

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector Local

Attack Complexity Low

Privileges Required Low

User Interaction None

Scope Unchanged

Confidentiality High

Integrity High

Availability High

Threat Intelligence

EPSS Exploit Probability

16.4% percentile

Exploit & Patch Status

No Known Exploit

Patch Available

Weaknesses 1

CWE-415

Affected Products 7

Vendor	Product	Version	Range
debian	debian_linux	11.0	any
linux	linux_kernel	*	<5.4.291
linux	linux_kernel	*	≥5.5 – <5.10.231
linux	linux_kernel	*	≥5.11 – <5.15.174
linux	linux_kernel	*	≥5.16 – <6.1.120
linux	linux_kernel	*	≥6.2 – <6.6.57
linux	linux_kernel	*	≥6.7 – <6.11.4

References 5

git.kernel.org https://git.kernel.org/stable/c/9ce15f68abedfae7ae0a35e95895aeddfd0f0c6a

Patch
git.kernel.org https://git.kernel.org/stable/c/bfa54a793ba77ef696755b66f3ac4ed00c7d1248

Patch
git.kernel.org https://git.kernel.org/stable/c/d885c464c25018b81a6b58f5d548fc2e3ef87dd1

Patch
lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html

Mailing ListThird Party Advisory
lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

Mailing ListThird Party Advisory

Remediation

git.kernel.org https://git.kernel.org/stable/c/9ce15f68abedfae7ae0a35e95895aeddfd0f0c6a

Patch
git.kernel.org https://git.kernel.org/stable/c/bfa54a793ba77ef696755b66f3ac4ed00c7d1248

Patch
git.kernel.org https://git.kernel.org/stable/c/d885c464c25018b81a6b58f5d548fc2e3ef87dd1

Patch