CVE-2024-56708

HIGH EPSS 15.6%
Published Dec 28, 20241y ago · Modified Jun 17, 20261w ago
7.8 CVSS 3.1
High
Find Similar
Published Dec 28, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: EDAC/igen6: Avoid segmentation fault on module unload The segmentation fault happens because: During modprobe: 1. In igen6_probe(), igen6_pvt will be allocated with kzalloc() 2. In igen6_register_mci(), mci->pvt_info will point to &igen6_pvt->imc[mc] During rmmod: 1. In mci_release() in edac_mc.c, it will kfree(mci->pvt_info) 2. In igen6_remove(), it will kfree(igen6_pvt); Fix this issue by setting mci->pvt_info to NULL to avoid the double kfree.

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
15.6% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-415

Affected Products 5

VendorProductVersionRange
linuxlinux_kernel*≥5.11  –  <5.15.174
linuxlinux_kernel*≥5.16  –  <6.1.120
linuxlinux_kernel*≥6.2  –  <6.6.64
linuxlinux_kernel*≥6.7  –  <6.11.11
linuxlinux_kernel*≥6.12  –  <6.12.2

References 7

  • git.kernel.org https://git.kernel.org/stable/c/029ac07bb92d2f7502d47a4916f197a8445d83bf
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2a80e710bbc088a2511c159ee4d910456c5f0832
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/830cabb61113d92a425dd3038ccedbdfb3c8d079
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/db60326f2c47b079e36785ace621eb3002db2088
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e5c7052664b61f9e2f896702d20552707d0ef60a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fefaae90398d38a1100ccd73b46ab55ff4610fba
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/029ac07bb92d2f7502d47a4916f197a8445d83bf
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2a80e710bbc088a2511c159ee4d910456c5f0832
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/830cabb61113d92a425dd3038ccedbdfb3c8d079
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/db60326f2c47b079e36785ace621eb3002db2088
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e5c7052664b61f9e2f896702d20552707d0ef60a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fefaae90398d38a1100ccd73b46ab55ff4610fba
    Patch