{ "threat_severity" : "Low", "public_date" : "2024-06-21T00:00:00Z", "bugzilla" : { "description" : "kernel: stm class: Fix a double free in stm_register_device()", "id" : "2293700", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2293700" }, "cvss3" : { "cvss3_base_score" : "5.6", "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H", "status" : "verified" }, "cwe" : "CWE-415", "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nstm class: Fix a double free in stm_register_device()\nThe put_device(&stm->dev) call will trigger stm_device_release() which\nfrees \"stm\" so the vfree(stm) on the next line is a double free.", "A vulnerability was found in the Linux kernel's stm class, where an improper memory management sequence in stm_register_device() could lead to a double-free error. This issue occurs when the put_device(&stm->dev) call triggers stm_device_release() to free \"stm\", making the subsequent vfree(stm) call redundant and potentially harmful." ], "statement" : "Red Hat assesses the impact of this vulnerability as Low because this flaw can be mitigated by blocklisting a kernel module that is not typically used in production systems, and an attacker would need elevated privileges to have complete control over the consequences of the memory corruption caused by this issue.", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2024-08-08T00:00:00Z", "advisory" : "RHSA-2024:5102", "cpe" : "cpe:/a:redhat:enterprise_linux:8::nfv", "package" : "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2024-08-08T00:00:00Z", "advisory" : "RHSA-2024:5101", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "kernel-0:4.18.0-553.16.1.el8_10" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2024-11-12T00:00:00Z", "advisory" : "RHSA-2024:9315", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-503.11.1.el9_5" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2024-11-12T00:00:00Z", "advisory" : "RHSA-2024:9315", "cpe" : "cpe:/o:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-503.11.1.el9_5" }, { "product_name" : "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date" : "2024-08-14T00:00:00Z", "advisory" : "RHSA-2024:5364", "cpe" : "cpe:/a:redhat:rhel_eus:9.2", "package" : "kernel-0:5.14.0-284.79.1.el9_2" }, { "product_name" : "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date" : "2024-08-14T00:00:00Z", "advisory" : "RHSA-2024:5365", "cpe" : "cpe:/a:redhat:rhel_eus:9.2::nfv", "package" : "kernel-rt-0:5.14.0-284.79.1.rt14.364.el9_2" }, { "product_name" : "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date" : "2024-12-18T00:00:00Z", "advisory" : "RHSA-2024:11313", "cpe" : "cpe:/a:redhat:rhel_eus:9.4", "package" : "kernel-0:5.14.0-427.49.1.el9_4" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Out of support scope", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Out of support scope", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Affected", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:9" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2024-38627\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-38627\nhttps://lore.kernel.org/linux-cve-announce/2024062140-CVE-2024-38627-9b57@gregkh/T" ], "name" : "CVE-2024-38627", "mitigation" : { "value" : "To mitigate this issue, prevent the `stm` kernel module from being loaded. See https://access.redhat.com/solutions/41278 for information about how to prevent kernel modules from being loaded automatically.", "lang" : "en:us" }, "csaw" : false }