How severe is CVE-2024-26652?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.1 out of 10.

What type of vulnerability is CVE-2024-26652?

This is classified as CWE-415, which is a common weakness in software security.

CVE-2024-26652 - MEDIUM Severity | CVSS 4.1

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: net: pds_core: Fix possible double free in error handling path When auxiliary_device_add() returns error and then calls auxiliary_device_uninit(), Callback function pdsc_auxbus_dev_release calls kfree(padev) to free memory. We shouldn't call kfree(padev) again in the error handling path. Fix this by cleaning up the redundant kfree() and putting the error handling back to where the errors happened.

Related Vulnerabilities

CVE-2023-7256

MEDIUM

CVSS:4.4(Medium)

In affected libpcap versions during the setup of a remote packet capture the internal function sock_initaddress() calls getaddrinfo() and possibly freeaddrinfo(), but does not clearly indicate to the ...

CWE-4152023

CVE-2024-26846

MEDIUM

CVSS:4.4(Medium)

In the Linux kernel, the following vulnerability has been resolved: nvme-fc: do not wait in vain when unloading module The module exit path has race between deleting all controllers and freeing 'left ...

CWE-4152024

CVE-2024-42123

MEDIUM

CVSS:4.4(Medium)

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix double free err_addr pointer warnings In amdgpu_umc_bad_page_polling_timeout, the amdgpu_umc_handle_bad_pages will b...

CWE-4152024

CVE-2019-15212

MEDIUM

CVSS:4.6(Medium)

An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver.

CWE-4152019

CVE-2023-26545

MEDIUM

CVSS:4.7(Medium)

In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.

CWE-4152023

CVE-2020-1862

LOW

CVSS:3.3(Low)

There is a double free vulnerability in some Huawei products. A local attacker with low privilege may perform some operations to exploit the vulnerability. Due to doubly freeing memory, successful exp...

CWE-4152020