Aisheng Dong

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 6.8.0-rc5-next-20240220-05616-g52728c567a55 **Description** The issue is related to a double-free problem in the `tcpm port unregister pd()` function. When unregistering pd capabilities in tcpm, KASAN captures a double-free issue. The root cause is that the same capability is freed twice, first by `pd capabilities release()` and then explicitly by `tcpm port unregister pd()`. This can lead to a denial of service or other unspecified impact. **Recommendations** To fix the issue, remove the `kree()` call from `tcpm port unregister pd()`. At the moment, there is no information about a newer version that contains a fix for this vulnerability.