CVE-2024-39484— mmc: davinci: Don't strip remove function when driver is builtin
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-39484
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
mmc: davinci: Don't strip remove function when driver is builtin
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: mmc: davinci: Don't strip remove function when driver is builtin Using __exit for the remove function results in the remove callback being discarded with CONFIG_MMC_DAVINCI=y. When such a device gets unbound (e.g. using sysfs or hotplug), the driver is just removed without the cleanup being performed. This results in resource leaks. Fix it by compiling in the remove callback unconditionally. This also fixes a W=1 modpost warning: WARNING: modpost: drivers/mmc/host/davinci_mmc: section mismatch in reference: davinci_mmcsd_driver+0x10 (section: .data) -> davinci_mmcsd_remove (section: .exit.text)
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞。攻击者利用该漏洞可以导致资源泄漏。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2024-39484
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-39484
请登录查看更多情报信息。
Same Patch Batch · Linux · 2024-07-05 · 14 CVEs total
| CVE-2024-39485 | media: v4l: async: Properly re-initialise notifier entry in unregister | |
| CVE-2024-39482 | bcache: fix variable length array abuse in btree_iter | |
| CVE-2024-39483 | KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked | |
| CVE-2024-39481 | media: mc: Fix graph walk in media_pipeline_start | |
| CVE-2024-39479 | drm/i915/hwmon: Get rid of devm | |
| CVE-2024-39480 | kdb: Fix buffer overflow during tab-complete | |
| CVE-2024-39478 | crypto: starfive - Do not free stack buffer | |
| CVE-2024-39476 | md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING | |
| CVE-2024-39477 | mm/hugetlb: do not call vma_add_reservation upon ENOMEM | |
| CVE-2024-39475 | fbdev: savage: Handle err return when savagefb_check_var failed | |
| CVE-2024-39474 | mm/vmalloc: fix vmalloc which may return null if called with __GFP_NOFAIL | |
| CVE-2024-39473 | ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension | |
| CVE-2024-39472 | xfs: fix log recovery buffer allocation for the legacy h_size fixup |
IV. Related Vulnerabilities
Same product: Linux
- CVE-2026-46333
ptrace: slightly saner 'get_dumpable()' logic - CVE-2026-43490
ksmbd: validate inherited ACE SID length - CVE-2026-43489
liveupdate: luo_file: remember retrieve() status - CVE-2026-43487
ata: libata-core: Disable LPM on ST1000DM010-2EP102 - CVE-2026-43488
usb: xhci: Prevent interrupt storm on host controller error
Same vendor: Linux
- CVE-2026-46333
ptrace: slightly saner 'get_dumpable()' logic - CVE-2026-43490
ksmbd: validate inherited ACE SID length - CVE-2026-43489
liveupdate: luo_file: remember retrieve() status - CVE-2026-43487
ata: libata-core: Disable LPM on ST1000DM010-2EP102 - CVE-2026-43488
usb: xhci: Prevent interrupt storm on host controller error
V. Comments for CVE-2024-39484
No comments yet