CVE-2024-35828

In the Linux kernel, the following vulnerability has been resolved:

wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()

In the for statement of lbs_allocate_cmd_buffer(), if the allocation of cmdarray[i].cmdbuf fails, both cmdarray and cmdarray[i].cmdbuf needs to be freed. Otherwise, there will be memleaks in lbs_allocate_cmd_buffer().

Published: May 17, 2024
Updated: May 4, 2025
CVE: CVE-2024-35828
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWEs:

CWE-401

Affected Software
References

Software	From	Fixed in
linux / linux_kernel	6.7	6.7.11
linux / linux_kernel	6.2	6.6.23
linux / linux_kernel	5.16	6.1.83
linux / linux_kernel	5.11	5.15.153
linux / linux_kernel	5.5	5.10.214
linux / linux_kernel	4.20	5.4.273
linux / linux_kernel	6.8	6.8.2
linux / linux_kernel	2.6.22	4.19.311
debian / debian_linux	10.0	10.0.x

https://git.kernel.org/stable/c/4d99d267da3415db2124029cb5a6d2d955ca43f9
https://git.kernel.org/stable/c/5f0e4aede01cb01fa633171f0533affd25328c3a
https://git.kernel.org/stable/c/8e243ac649c10922a6b4855170eaefe4c5b3faab
https://git.kernel.org/stable/c/96481624fb5a6319079fb5059e46dbce43a90186
https://git.kernel.org/stable/c/bea9573c795acec5614d4ac2dcc7b3b684cea5bf
https://git.kernel.org/stable/c/d219724d4b0ddb8ec7dfeaed5989f23edabaf591
https://git.kernel.org/stable/c/da10f6b7918abd5b4bc5c9cb66f0fc6763ac48f3
https://git.kernel.org/stable/c/e888c4461e109f7b93c3522afcbbaa5a8fdf29d2
https://git.kernel.org/stable/c/f0dd27314c7afe34794c2aa19dd6f2d30eb23bc7
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Vulnerability Database

289,599

CVE-2024-35828