GHSA-6264-3HHV-77HG
Vulnerability from github – Published: 2024-05-17 15:31 – Updated: 2026-05-12 12:31
VLAI?
Details
In the Linux kernel, the following vulnerability has been resolved:
wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()
In the for statement of lbs_allocate_cmd_buffer(), if the allocation of cmdarray[i].cmdbuf fails, both cmdarray and cmdarray[i].cmdbuf needs to be freed. Otherwise, there will be memleaks in lbs_allocate_cmd_buffer().
Severity ?
5.5 (Medium)
{
"affected": [],
"aliases": [
"CVE-2024-35828"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-17T14:15:18Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()\n\nIn the for statement of lbs_allocate_cmd_buffer(), if the allocation of\ncmdarray[i].cmdbuf fails, both cmdarray and cmdarray[i].cmdbuf needs to\nbe freed. Otherwise, there will be memleaks in lbs_allocate_cmd_buffer().",
"id": "GHSA-6264-3hhv-77hg",
"modified": "2026-05-12T12:31:47Z",
"published": "2024-05-17T15:31:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35828"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4d99d267da3415db2124029cb5a6d2d955ca43f9"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5f0e4aede01cb01fa633171f0533affd25328c3a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8e243ac649c10922a6b4855170eaefe4c5b3faab"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/96481624fb5a6319079fb5059e46dbce43a90186"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/bea9573c795acec5614d4ac2dcc7b3b684cea5bf"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d219724d4b0ddb8ec7dfeaed5989f23edabaf591"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/da10f6b7918abd5b4bc5c9cb66f0fc6763ac48f3"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e888c4461e109f7b93c3522afcbbaa5a8fdf29d2"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f0dd27314c7afe34794c2aa19dd6f2d30eb23bc7"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…