CVE-2024-35859

medium

Description

In the Linux kernel, the following vulnerability has been resolved: block: fix module reference leakage from bdev_open_by_dev error path At the time bdev_may_open() is called, module reference is grabbed already, hence module reference should be released if bdev_may_open() failed. This problem is found by code review.

References

https://git.kernel.org/stable/c/9617cd6f24b294552a817f80f5225431ef67b540

https://git.kernel.org/stable/c/0e9327c67410b129bf85e5c3a5aaea518328636f

Details

Source: Mitre, NVD

Published: 2024-05-17

Updated: 2024-10-29

Risk Information

CVSS v2

Base Score: 6.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium