High severity7.8NVD Advisory· Published Feb 27, 2025· Updated Jun 17, 2026
CVE-2024-58003
CVE-2024-58003
Description
In the Linux kernel, the following vulnerability has been resolved:
media: i2c: ds90ub9x3: Fix extra fwnode_handle_put()
The ub913 and ub953 drivers call fwnode_handle_put(priv->sd.fwnode) as part of their remove process, and if the driver is removed multiple times, eventually leads to put "overflow", possibly causing memory corruption or crash.
The fwnode_handle_put() is a leftover from commit 905f88ccebb1 ("media: i2c: ds90ub9x3: Fix sub-device matching"), which changed the code related to the sd.fwnode, but missed removing these fwnode_handle_put() calls.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- osv-coordsRange: < 6.11.0-1014.15
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.