Memory Leak Flaw Discovered in Linux Kernel's UBI Driver
CVE-2024-25740

5.5MEDIUM

Key Information:

Vendor: Linux
Status: Linux Kernel
Vendor: CVE Published:; 12 February 2024

What is CVE-2024-25740?

A memory leak flaw was found in the UBI driver in drivers/mtd/ubi/attach.c in the Linux kernel through 6.7.4 for UBI_IOCATT, because kobj->name is not released.

References

https://lore.kernel.org/lkml/0171b6cc-95ee-3538-913b-65a3...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 12, 2024