high
7.8
CWE
415
Advisory Published
CVE Published
Updated

CVE-2024-38627: stm class: Fix a double free in stm_register_device()

First published: Fri Jun 21 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: stm class: Fix a double free in stm_register_device() The Linux kernel CVE team has assigned <a href="https://access.redhat.com/security/cve/CVE-2024-38627">CVE-2024-38627</a> to this issue. Upstream advisory: <a href="https://lore.kernel.org/linux-cve-announce/2024062140-CVE-2024-38627-9b57@gregkh/T">https://lore.kernel.org/linux-cve-announce/2024062140-CVE-2024-38627-9b57@gregkh/T</a>

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected SoftwareAffected VersionHow to fix
redhat/kernel<4.19.316
4.19.316
redhat/kernel<5.4.278
5.4.278
redhat/kernel<5.10.219
5.10.219
redhat/kernel<5.15.161
5.15.161
redhat/kernel<6.1.93
6.1.93
redhat/kernel<6.6.33
6.6.33
redhat/kernel<6.9.4
6.9.4
redhat/kernel<6.10
6.10
Linux Kernel>=4.7<4.19.316
Linux Kernel>=4.20<5.4.278
Linux Kernel>=5.5<5.10.219
Linux Kernel>=5.11<5.15.161
Linux Kernel>=5.16<6.1.93
Linux Kernel>=6.2<6.6.33
Linux Kernel>=6.7<6.9.4
debian/linux
5.10.223-1
5.10.234-1
6.1.123-1
6.1.128-1
6.12.12-1
6.12.16-1

Remedy

https://git.kernel.org/stable/c/370c480410f60b90ba3e96abe73ead21ec827b20

Remedy

https://git.kernel.org/stable/c/3df463865ba42b8f88a590326f4c9ea17a1ce459

Remedy

https://git.kernel.org/stable/c/4bfd48bb6e62512b9c392c5002c11e1e3b18d247

Remedy

https://git.kernel.org/stable/c/6cc30ef8eb6d8f8d6df43152264bbf8835d99931

Remedy

https://git.kernel.org/stable/c/713fc00c571dde4af3db2dbd5d1b0eadc327817b

Remedy

https://git.kernel.org/stable/c/7419df1acffbcc90037f6b5a2823e81389659b36

Remedy

https://git.kernel.org/stable/c/a0450d3f38e7c6c0a7c0afd4182976ee15573695

Remedy

https://git.kernel.org/stable/c/d782a2db8f7ac49c33b9ca3e835500a28667d1be

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-38627?

    CVE-2024-38627 is classified as a medium severity vulnerability in the Linux kernel due to the potential for double free issues.

  • How do I fix CVE-2024-38627?

    To mitigate CVE-2024-38627, ensure that your Linux kernel version is updated to one of the fixed versions, such as 4.19.317 or later.

  • Which Linux kernel versions are affected by CVE-2024-38627?

    CVE-2024-38627 affects multiple Linux kernel versions including those earlier than 4.19.317, 5.4.279, 5.10.220, and specific patched versions from Red Hat.

  • What does CVE-2024-38627 impact?

    CVE-2024-38627 impacts the Linux kernel's stm class, leading to a vulnerability that can be exploited through device registration.

  • Is CVE-2024-38627 exploitable remotely?

    CVE-2024-38627 is considered to be locally exploitable, meaning an attacker would need local access to the system to exploit this vulnerability.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203