Description
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fix double free in atmel_pmecc_create_user() The "user" pointer was converted from being allocated with kzalloc() to being allocated by devm_kzalloc(). Calling kfree(user) will lead to a double free.
Product status
22fbbc37edb840fd420fadf670366be9bf028426 (git) before ca9818554b0f33e87f38e4bfa2dac056692d46cc
54cb5fa850f9306d84e49a3db44b7a7eb5536cd1 (git) before 1562871ef613fa9492aa0310933eff785166a90e
5fe7709251e334cc27618473299c48340cecd3c8 (git) before 3d825a241e65f7e3072978729e79d735ec40b80e
24cbc37e837fd9e31e5024480b779207d1d99f1d (git) before 6ea15205d7e2b811fbbdf79783f686f58abfb4b7
f1290871c8aaeb13029390a2b6e5c05733a1be6f (git) before dd45c87782738715d5e7c167f8dabf0814a7394a
8ac19ec818c548c5788da5926dcc8af96fad4bb1 (git) before d2f090ea57f8d6587e09d4066f740a8617767b3d
6d734f1bfc336aaea91313a5632f2f197608fadd (git) before d8e4771f99c0400a1873235704b28bb803c83d17
2014fcea19ec27df033359a0f42db0e8ed4290a8 (git)
bdd11a04d102f8310812aa7cec39545fdd6662d1 (git)
5.4.287 (semver) before 5.4.289
5.10.231 (semver) before 5.10.233
5.15.174 (semver) before 5.15.176
6.1.120 (semver) before 6.1.123
6.6.64 (semver) before 6.6.69
6.12.2 (semver) before 6.12.8
References
lists.debian.org/debian-lts-announce/2025/03/msg00001.html
lists.debian.org/debian-lts-announce/2025/03/msg00002.html
git.kernel.org/...c/ca9818554b0f33e87f38e4bfa2dac056692d46cc
git.kernel.org/...c/1562871ef613fa9492aa0310933eff785166a90e
git.kernel.org/...c/3d825a241e65f7e3072978729e79d735ec40b80e
git.kernel.org/...c/6ea15205d7e2b811fbbdf79783f686f58abfb4b7
git.kernel.org/...c/dd45c87782738715d5e7c167f8dabf0814a7394a
git.kernel.org/...c/d2f090ea57f8d6587e09d4066f740a8617767b3d
git.kernel.org/...c/d8e4771f99c0400a1873235704b28bb803c83d17