VYPR
Unrated severityNVD Advisory· Published Sep 13, 2024· Updated Nov 3, 2025

scsi: aacraid: Fix double-free on probe failure

CVE-2024-46673

Description

In the Linux kernel, the following vulnerability has been resolved:

scsi: aacraid: Fix double-free on probe failure

aac_probe_one() calls hardware-specific init functions through the aac_driver_ident::init pointer, all of which eventually call down to aac_init_adapter().

If aac_init_adapter() fails after allocating memory for aac_dev::queues, it frees the memory but does not clear that member.

After the hardware-specific init function returns an error, aac_probe_one() goes down an error path that frees the memory pointed to by aac_dev::queues, resulting.in a double-free.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

113

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.