medium
5.5
CWE
401
Advisory Published
CVE Published
Updated

CVE-2024-26839: IB/hfi1: Fix a memleak in init_credit_return

First published: Wed Apr 17 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix a memleak in init_credit_return When dma_alloc_coherent fails to allocate dd->cr_base[i].va, init_credit_return should deallocate dd->cr_base and dd->cr_base[i] that allocated before. Or those resources would be never freed and a memleak is triggered.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected SoftwareAffected VersionHow to fix
Linux kernel>=4.3<4.19.308
Linux kernel>=4.20<5.4.270
Linux kernel>=5.5<5.10.211
Linux kernel>=5.11<5.15.150
Linux kernel>=5.16<6.1.80
Linux kernel>=6.2<6.6.19
Linux kernel>=6.7<6.7.7
Linux kernel=6.8-rc1
Linux kernel=6.8-rc2
Linux kernel=6.8-rc3
Linux kernel=6.8-rc4
Linux kernel=6.8-rc5
Debian=10.0
debian/linux
5.10.223-1
5.10.234-1
6.1.123-1
6.1.128-1
6.12.12-1
6.12.17-1

Remedy

https://git.kernel.org/stable/c/2e4f9f20b32658ef3724aa46f7aef4908d2609e3

Remedy

https://git.kernel.org/stable/c/3fa240bb6b2dbb3e7a3ee1440a4889cbb6207eb7

Remedy

https://git.kernel.org/stable/c/52de5805c147137205662af89ed7e083d656ae25

Remedy

https://git.kernel.org/stable/c/809aa64ebff51eb170ee31a95f83b2d21efa32e2

Remedy

https://git.kernel.org/stable/c/8412c86e89cc78d8b513cb25cf2157a2adf3670a

Remedy

https://git.kernel.org/stable/c/b41d0ade0398007fb746213f09903d52a920e896

Remedy

https://git.kernel.org/stable/c/cecfb90cf71d91e9efebd68b9e9b84661b277cc8

Remedy

https://git.kernel.org/stable/c/f0d857ce31a6bc7a82afcdbadb8f7417d482604b

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-26839?

    CVE-2024-26839 has been classified with a moderate severity level due to potential memory leakage issues in the Linux kernel.

  • How do I fix CVE-2024-26839?

    To fix CVE-2024-26839, you should update to the recommended patched versions of the Linux kernel provided by your distribution.

  • Which versions of the Linux kernel are affected by CVE-2024-26839?

    CVE-2024-26839 affects various versions of the Linux kernel from 4.3 up to 6.8-rc5.

  • What are the consequences of CVE-2024-26839 if not addressed?

    If not addressed, CVE-2024-26839 may lead to increased memory usage and potential performance degradation in affected systems.

  • Is CVE-2024-26839 specific to any Linux distributions?

    CVE-2024-26839 is not specific to any one distribution but affects the Linux kernel across multiple distributions, including Debian.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203