Linux · Linux Kernel · CVE-2024-35847
Name of the Vulnerable Software and Affected Versions:
Linux kernel (affected versions not specified)
Description:
The issue is related to a double free error in the irqchip/gic-v3-its component of the Linux kernel. This error occurs when the `its vpe init()` function fails after successfully allocating at least one interrupt, causing the `its vpe irq domain alloc()` function to free the area bitmap and the vprop page again. The error handling path in `its vpe irq domain alloc()` causes this double free. To fix this, the `its vpe irq domain free()` function is unconditionally invoked to handle all cases correctly, and the bitmap/vprop page freeing is removed from `its vpe irq domain alloc()`. This vulnerability may allow an attacker to cause a denial of service.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.