CVE-2024-40934: HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode()
First published: Fri Jul 12 2024(Updated: )
In the Linux kernel, the following vulnerability has been resolved: HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() Fix a memory leak on logi_dj_recv_send_report() error path.
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 416baaa9-dc9f-4396-8d5f-8c081fb06d67
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Kernel | >=5.4.257<5.4.279 | |
| Linux Kernel | >=5.10.195<5.10.221 | |
| Linux Kernel | >=5.15.132<5.15.162 | |
| Linux Kernel | >=6.1.53<6.1.95 | |
| Linux Kernel | >=6.6<6.6.35 | |
| Linux Kernel | >=6.7<6.9.6 | |
| Linux Kernel | =6.10-rc1 | |
| Linux Kernel | =6.10-rc2 | |
| debian/linux | 5.10.223-1 5.10.234-1 6.1.129-1 6.1.135-1 6.12.22-1 6.12.25-1 | |
| debian/linux-6.1 | 6.1.129-1~deb11u1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://git.kernel.org/stable/c/15122dc140d82c51c216535c57b044c4587aae45
- https://git.kernel.org/stable/c/1df2ead5dfad5f8f92467bd94889392d53100b98
- https://git.kernel.org/stable/c/789c99a1d7d2c8f6096d75fc2930505840ec9ea0
- https://git.kernel.org/stable/c/a0503757947f2e46e59c1962326b53b3208c8213
- https://git.kernel.org/stable/c/caa9c9acb93db7ad7b74b157cf101579bac9596d
- https://git.kernel.org/stable/c/ce3af2ee95170b7d9e15fff6e500d67deab1e7b3
- https://git.kernel.org/stable/c/f677ca8cfefee2a729ca315f660cd4868abdf8de
- https://git.kernel.org/linus/ce3af2ee95170b7d9e15fff6e500d67deab1e7b3
- https://security-tracker.debian.org/tracker/CVE-2024-40934
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40934
- https://nvd.nist.gov/vuln/detail/CVE-2024-40934
- https://launchpad.net/bugs/cve/CVE-2024-40934
- https://ubuntu.com/security/CVE-2024-40934
Frequently Asked Questions
What is the severity of CVE-2024-40934?
CVE-2024-40934 has a medium severity level due to a memory leak in the Linux kernel's HID subsystem.
How do I fix CVE-2024-40934?
To fix CVE-2024-40934, update to the patched versions of the Linux kernel, specifically those released after 5.4.279, 5.10.221, 5.15.162, 6.1.95, 6.6.35, 6.9.6, and 6.10-rc2.
Which versions of the Linux kernel are affected by CVE-2024-40934?
CVE-2024-40934 affects Linux kernel versions from 5.4.257 to 5.4.279, 5.10.195 to 5.10.221, 5.15.132 to 5.15.162, 6.1.53 to 6.1.95, 6.6.0 to 6.6.35, and 6.7.0 to 6.9.6.
What component is impacted by CVE-2024-40934?
CVE-2024-40934 impacts the HID: logitech-dj component of the Linux kernel.
Is there a workaround for CVE-2024-40934?
There are no known workarounds for CVE-2024-40934, and applying the appropriate kernel updates is the recommended solution.
- agent/title
- agent/type
- agent/severity
- agent/weakness
- agent/remedy
- agent/author
- agent/first-publish-date
- agent/references
- collector/usn-cve
- source/Ubuntu
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/trending
- agent/source
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-api
- collector/security-tracker-debian
- source/Debian
- agent/tags
- agent/softwarecombine
- vendor/linux
- canonical/linux kernel
- version/linux kernel/5.4.257
- version/linux kernel/5.10.195
- version/linux kernel/5.15.132
- version/linux kernel/6.1.53
- version/linux kernel/6.6
- version/linux kernel/6.7
- version/linux kernel/6.10-rc1
- version/linux kernel/6.10-rc2
- package-manager/debian