{"uuid": "1c8e83aa-7676-4355-984f-34d155fecd94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35847", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14754", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-35847\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/gic-v3-its: Prevent double free on error\n\nThe error handling path in its_vpe_irq_domain_alloc() causes a double free\nwhen its_vpe_init() fails after successfully allocating at least one\ninterrupt. This happens because its_vpe_irq_domain_free() frees the\ninterrupts along with the area bitmap and the vprop_page and\nits_vpe_irq_domain_alloc() subsequently frees the area bitmap and the\nvprop_page again.\n\nFix this by unconditionally invoking its_vpe_irq_domain_free() which\nhandles all cases correctly and by removing the bitmap/vprop_page freeing\nfrom its_vpe_irq_domain_alloc().\n\n[ tglx: Massaged change log ]\n\ud83d\udccf Published: 2024-05-17T14:47:26.175Z\n\ud83d\udccf Modified: 2025-05-04T09:06:44.998Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/f5417ff561b8ac9a7e53c747b8627a7ab58378ae\n2. https://git.kernel.org/stable/c/b72d2b1448b682844f995e660b77f2a1fabc1662\n3. https://git.kernel.org/stable/c/aa44d21574751a7d6bca892eb8e0e9ac68372e52\n4. https://git.kernel.org/stable/c/5dbdbe1133911ca7d8466bb86885adec32ad9438\n5. https://git.kernel.org/stable/c/dd681710ab77c8beafe2e263064cb1bd0e2d6ca9\n6. https://git.kernel.org/stable/c/03170e657f62c26834172742492a8cb8077ef792\n7. https://git.kernel.org/stable/c/5b012f77abde89bf0be8a0547636184fea618137\n8. https://git.kernel.org/stable/c/c26591afd33adce296c022e3480dea4282b7ef91", "creation_timestamp": "2025-05-04T09:18:08.000000Z"}