{"id":"CVE-2024-56766","summary":"mtd: rawnand: fix double free in atmel_pmecc_create_user()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: rawnand: fix double free in atmel_pmecc_create_user()\n\nThe \"user\" pointer was converted from being allocated with kzalloc() to\nbeing allocated by devm_kzalloc().  Calling kfree(user) will lead to a\ndouble free.","modified":"2026-03-20T12:41:00.845941Z","published":"2025-01-06T16:20:44.676Z","related":["MGASA-2025-0030","MGASA-2025-0032","SUSE-SU-2025:0289-1","SUSE-SU-2025:0428-1","SUSE-SU-2025:0499-1","SUSE-SU-2025:0557-1","SUSE-SU-2025:20165-1","SUSE-SU-2025:20166-1","SUSE-SU-2025:20248-1","SUSE-SU-2025:20249-1","USN-7379-2","USN-7380-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/56xxx/CVE-2024-56766.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/1562871ef613fa9492aa0310933eff785166a90e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3d825a241e65f7e3072978729e79d735ec40b80e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/6ea15205d7e2b811fbbdf79783f686f58abfb4b7"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ca9818554b0f33e87f38e4bfa2dac056692d46cc"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d2f090ea57f8d6587e09d4066f740a8617767b3d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d8e4771f99c0400a1873235704b28bb803c83d17"},{"type":"WEB","url":"https://git.kernel.org/stable/c/dd45c87782738715d5e7c167f8dabf0814a7394a"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/56xxx/CVE-2024-56766.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56766"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"22fbbc37edb840fd420fadf670366be9bf028426"},{"fixed":"ca9818554b0f33e87f38e4bfa2dac056692d46cc"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"54cb5fa850f9306d84e49a3db44b7a7eb5536cd1"},{"fixed":"1562871ef613fa9492aa0310933eff785166a90e"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"5fe7709251e334cc27618473299c48340cecd3c8"},{"fixed":"3d825a241e65f7e3072978729e79d735ec40b80e"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"24cbc37e837fd9e31e5024480b779207d1d99f1d"},{"fixed":"6ea15205d7e2b811fbbdf79783f686f58abfb4b7"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"f1290871c8aaeb13029390a2b6e5c05733a1be6f"},{"fixed":"dd45c87782738715d5e7c167f8dabf0814a7394a"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"8ac19ec818c548c5788da5926dcc8af96fad4bb1"},{"fixed":"d2f090ea57f8d6587e09d4066f740a8617767b3d"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"6d734f1bfc336aaea91313a5632f2f197608fadd"},{"fixed":"d8e4771f99c0400a1873235704b28bb803c83d17"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"2014fcea19ec27df033359a0f42db0e8ed4290a8"},{"last_affected":"bdd11a04d102f8310812aa7cec39545fdd6662d1"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-56766.json"}}],"schema_version":"1.7.5"}