{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-46673","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-09-11T15:12:18.247Z","datePublished":"2024-09-13T05:29:09.649Z","dateUpdated":"2025-11-03T22:16:05.090Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T09:31:36.152Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: aacraid: Fix double-free on probe failure\n\naac_probe_one() calls hardware-specific init functions through the\naac_driver_ident::init pointer, all of which eventually call down to\naac_init_adapter().\n\nIf aac_init_adapter() fails after allocating memory for aac_dev::queues,\nit frees the memory but does not clear that member.\n\nAfter the hardware-specific init function returns an error,\naac_probe_one() goes down an error path that frees the memory pointed to\nby aac_dev::queues, resulting.in a double-free."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/scsi/aacraid/comminit.c"],"versions":[{"version":"8e0c5ebde82b08f6d996e11983890fc4cc085fab","lessThan":"d237c7d06ffddcdb5d36948c527dc01284388218","status":"affected","versionType":"git"},{"version":"8e0c5ebde82b08f6d996e11983890fc4cc085fab","lessThan":"564e1986b00c5f05d75342f8407f75f0a17b94df","status":"affected","versionType":"git"},{"version":"8e0c5ebde82b08f6d996e11983890fc4cc085fab","lessThan":"9e96dea7eff6f2bbcd0b42a098012fc66af9eb69","status":"affected","versionType":"git"},{"version":"8e0c5ebde82b08f6d996e11983890fc4cc085fab","lessThan":"85449b28ff6a89c4513115e43ddcad949b5890c9","status":"affected","versionType":"git"},{"version":"8e0c5ebde82b08f6d996e11983890fc4cc085fab","lessThan":"60962c3d8e18e5d8dfa16df788974dd7f35bd87a","status":"affected","versionType":"git"},{"version":"8e0c5ebde82b08f6d996e11983890fc4cc085fab","lessThan":"8a3995a3ffeca280a961b59f5c99843d81b15929","status":"affected","versionType":"git"},{"version":"8e0c5ebde82b08f6d996e11983890fc4cc085fab","lessThan":"4b540ec7c0045c2d01c4e479f34bbc8f147afa4c","status":"affected","versionType":"git"},{"version":"8e0c5ebde82b08f6d996e11983890fc4cc085fab","lessThan":"919ddf8336f0b84c0453bac583808c9f165a85c2","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/scsi/aacraid/comminit.c"],"versions":[{"version":"2.6.15","status":"affected"},{"version":"0","lessThan":"2.6.15","status":"unaffected","versionType":"semver"},{"version":"4.19.321","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.283","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.225","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.166","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.108","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.49","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.10.8","lessThanOrEqual":"6.10.*","status":"unaffected","versionType":"semver"},{"version":"6.11","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.15","versionEndExcluding":"4.19.321"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.15","versionEndExcluding":"5.4.283"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.15","versionEndExcluding":"5.10.225"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.15","versionEndExcluding":"5.15.166"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.15","versionEndExcluding":"6.1.108"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.15","versionEndExcluding":"6.6.49"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.15","versionEndExcluding":"6.10.8"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.15","versionEndExcluding":"6.11"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/d237c7d06ffddcdb5d36948c527dc01284388218"},{"url":"https://git.kernel.org/stable/c/564e1986b00c5f05d75342f8407f75f0a17b94df"},{"url":"https://git.kernel.org/stable/c/9e96dea7eff6f2bbcd0b42a098012fc66af9eb69"},{"url":"https://git.kernel.org/stable/c/85449b28ff6a89c4513115e43ddcad949b5890c9"},{"url":"https://git.kernel.org/stable/c/60962c3d8e18e5d8dfa16df788974dd7f35bd87a"},{"url":"https://git.kernel.org/stable/c/8a3995a3ffeca280a961b59f5c99843d81b15929"},{"url":"https://git.kernel.org/stable/c/4b540ec7c0045c2d01c4e479f34bbc8f147afa4c"},{"url":"https://git.kernel.org/stable/c/919ddf8336f0b84c0453bac583808c9f165a85c2"}],"title":"scsi: aacraid: Fix double-free on probe failure","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-09-29T15:45:02.828351Z","id":"CVE-2024-46673","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-09-29T15:45:17.225Z"}},{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"},{"url":"https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T22:16:05.090Z"}}]}}