{"id":"CVE-2024-53213","summary":"net: usb: lan78xx: Fix double free issue with interrupt buffer allocation","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: lan78xx: Fix double free issue with interrupt buffer allocation\n\nIn lan78xx_probe(), the buffer `buf` was being freed twice: once\nimplicitly through `usb_free_urb(dev-\u003eurb_intr)` with the\n`URB_FREE_BUFFER` flag and again explicitly by `kfree(buf)`. This caused\na double free issue.\n\nTo resolve this, reordered `kmalloc()` and `usb_alloc_urb()` calls to\nsimplify the initialization sequence and removed the redundant\n`kfree(buf)`.  Now, `buf` is allocated after `usb_alloc_urb()`, ensuring\nit is correctly managed by  `usb_fill_int_urb()` and freed by\n`usb_free_urb()` as intended.","modified":"2026-03-20T12:40:49.811934Z","published":"2024-12-27T13:49:58.709Z","related":["SUSE-SU-2025:0117-1","SUSE-SU-2025:0153-1","SUSE-SU-2025:0154-1","SUSE-SU-2025:0201-1","SUSE-SU-2025:0201-2","SUSE-SU-2025:0229-1","SUSE-SU-2025:0289-1","SUSE-SU-2025:20165-1","SUSE-SU-2025:20166-1","SUSE-SU-2025:20248-1","SUSE-SU-2025:20249-1","USN-7276-1","USN-7277-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/53xxx/CVE-2024-53213.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/03819abbeb11117dcbba40bfe322b88c0c88a6b6"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7ac9f3c981eeceee2ec4d30d850f4a6f50a1ec40"},{"type":"WEB","url":"https://git.kernel.org/stable/c/977128343fc2a30737399b58df8ea77e94f164bd"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a422ebec863d99d5607fb41bb7af3347fcb436d3"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b09512aea6223eec756f52aa584fc29eeab57480"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/53xxx/CVE-2024-53213.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53213"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"a6df95cae40bee555e01a37b4023ce8e97ffa249"},{"fixed":"977128343fc2a30737399b58df8ea77e94f164bd"},{"fixed":"a422ebec863d99d5607fb41bb7af3347fcb436d3"},{"fixed":"b09512aea6223eec756f52aa584fc29eeab57480"},{"fixed":"7ac9f3c981eeceee2ec4d30d850f4a6f50a1ec40"},{"fixed":"03819abbeb11117dcbba40bfe322b88c0c88a6b6"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"3281ebb3dc5ef19507e65523e9f8c00e20b285ca"},{"last_affected":"dcafa5a8452738eb28085f559b0683d55e22b2f5"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-53213.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}