VYPR
Unrated severityNVD Advisory· Published Oct 29, 2024· Updated Oct 1, 2025

pinctrl: nuvoton: fix a double free in ma35_pinctrl_dt_node_to_map_func()

CVE-2024-50071

Description

In the Linux kernel, the following vulnerability has been resolved:

pinctrl: nuvoton: fix a double free in ma35_pinctrl_dt_node_to_map_func()

'new_map' is allocated using devm_* which takes care of freeing the allocated data on device removal, call to

.dt_free_map = pinconf_generic_dt_free_map

double frees the map as pinconf_generic_dt_free_map() calls pinctrl_utils_free_map().

Fix this by using kcalloc() instead of auto-managed devm_kcalloc().

Affected products

12

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.