NVD

Vulnerability Change Records for CVE-2024-50190

Change History

New CVE Received by NIST 11/08/2024 1:15:15 AM

Action

Type

Old Value

New Value

Added

Description

In the Linux kernel, the following vulnerability has been resolved:

ice: fix memleak in ice_init_tx_topology()

Fix leak of the FW blob (DDP pkg).

Make ice_cfg_tx_topo() const-correct, so ice_init_tx_topology() can avoid
copying whole FW blob. Copy just the topology section, and only when
needed. Reuse the buffer allocated for the read of the current topology.

This was found by kmemleak, with the following trace for each PF:
    [<ffffffff8761044d>] kmemdup_noprof+0x1d/0x50
    [<ffffffffc0a0a480>] ice_init_ddp_config+0x100/0x220 [ice]
    [<ffffffffc0a0da7f>] ice_init_dev+0x6f/0x200 [ice]
    [<ffffffffc0a0dc49>] ice_init+0x29/0x560 [ice]
    [<ffffffffc0a10c1d>] ice_probe+0x21d/0x310 [ice]

Constify ice_cfg_tx_topo() @buf parameter.
This cascades further down to few more functions.

Added

Reference

kernel.org https://git.kernel.org/stable/c/43544b4e30732c3d88f423252281915d5bc739b6 [No types assigned]

Added

Reference

kernel.org https://git.kernel.org/stable/c/c188afdc36113760873ec78cbc036f6b05f77621 [No types assigned]

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database

Vulnerability Change Records for CVE-2024-50190

Change History

New CVE Received by NIST 11/08/2024 1:15:15 AM