Vulnerabilities > CVE-2024-49986 - Use After Free vulnerability in Linux Kernel
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
In the Linux kernel, the following vulnerability has been resolved: platform/x86: x86-android-tablets: Fix use after free on platform_device_register() errors x86_android_tablet_remove() frees the pdevs[] array, so it should not be used after calling x86_android_tablet_remove(). When platform_device_register() fails, store the pdevs[x] PTR_ERR() value into the local ret variable before calling x86_android_tablet_remove() to avoid using pdevs[] after it has been freed.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://git.kernel.org/stable/c/aac871e493fc8809e60209d9899b1af07e9dbfc8
- https://git.kernel.org/stable/c/f08adc5177bd4343df09033f62ab562c09ba7f7d
- https://git.kernel.org/stable/c/73a98cf79e4dbfa3d0c363e826c65aae089b313c
- https://git.kernel.org/stable/c/2fae3129c0c08e72b1fe93e61fd8fd203252094a
- https://git.kernel.org/stable/c/ba0b09a2f327319e252d8f3032019b958c0a5cd9