PT-2024-10030 · Linux+2 · Linux Kernel+2

Christophe Jaillet · Published 2024-10-11 · Updated 2025-02-28 · CVE-2024-50071

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The issue is a double free vulnerability in the ma35_pinctrl_dt_node_to_map_func() function within the drivers/pinctrl/nuvoton/pinctrl-ma35.c module of the Linux kernel. This vulnerability can be exploited to impact the confidentiality, integrity, and availability of protected information. The problem arises because new_map is allocated using devm_*, which automatically frees the allocated data on device removal. However, the call to .dt_free_map = pinconf_generic_dt_free_map results in a double free, as pinconf_generic_dt_free_map() calls pinctrl_utils_free_map().

Recommendations

To resolve the issue, use kcalloc() instead of the auto-managed devm_kcalloc() for allocating new_map. This change prevents the double free by ensuring that the memory is not automatically freed by devm_* when the device is removed, thus avoiding the conflict with the manual free operation performed by pinconf_generic_dt_free_map().
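
The ownership conflict described above can be shown with a small user-space model. This is an added example, not kernel code or code from the fix: the model_* functions, struct names and count_releases() are hypothetical stand-ins, and the model counts releases instead of actually freeing memory twice.

```c
/* User-space model of the ownership conflict; constructed example, not kernel code. */
#include <stdio.h>
#include <stdlib.h>
#define MAX_MANAGED 4

struct map_buf { int releases; };   /* counts releases instead of really freeing twice */
struct device_model {               /* hypothetical stand-in for a device's managed list */
    struct map_buf *managed[MAX_MANAGED];
    int nmanaged;
};

/* Models kcalloc(): only the caller owns the buffer. */
static struct map_buf *model_kcalloc(void) { return calloc(1, sizeof(struct map_buf)); }

/* Models devm_kcalloc(): the device also records the buffer for release on removal. */
static struct map_buf *model_devm_kcalloc(struct device_model *dev)
{
    struct map_buf *m = dev->nmanaged < MAX_MANAGED ? model_kcalloc() : NULL;
    if (m)
        dev->managed[dev->nmanaged++] = m;
    return m;
}

/* Models the dt_free_map callback path, which frees the map by hand. */
static void model_dt_free_map(struct map_buf *m) { m->releases++; }

/* Models device removal: every managed buffer is released automatically. */
static void model_device_remove(struct device_model *dev)
{
    for (int i = 0; i < dev->nmanaged; i++)
        dev->managed[i]->releases++;
}

/* Allocates the map, runs dt_free_map, then device removal; returns the release count. */
static int count_releases(int use_devm)
{
    struct device_model dev = {0};
    struct map_buf *m = use_devm ? model_devm_kcalloc(&dev) : model_kcalloc();
    if (!m) return -1;
    model_dt_free_map(m);
    model_device_remove(&dev);
    int n = m->releases;
    free(m);                        /* the model's single real free */
    return n;
}

int main(void)
{
    printf("devm: %d releases, kcalloc: %d\n", count_releases(1), count_releases(0));
    return 0;
}
```

A release count above one for the managed allocation corresponds to the double free; the plain allocation is released only by the callback.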

Double Free

Weakness Enumeration

Related Identifiers

BDU:2025-00166
CVE-2024-50071
OPENSUSE-SU-2024:14500-1
OPENSUSE-SU-2025:14705-1
USN-7276-1
USN-7277-1
USN-7310-1

Affected Products

Linuxmint
Linux Kernel
Ubuntu