In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix double free in error path If the uvc_status_init() function fails to allocate the int_urb, it will free the dev->status pointer but doesn't reset the pointer to NULL. This results in the kfree() call in uvc_status_cleanup() trying to double-free the memory. Fix it by resetting the dev->status pointer to NULL after freeing it. Reviewed by: Ricardo Ribalda <ribalda>
Upstream advisory: https://lore.kernel.org/linux-cve-announce/2025022634-CVE-2024-57980-4b5a@gregkh/T
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2025:11299 https://access.redhat.com/errata/RHSA-2025:11299
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2025:11298 https://access.redhat.com/errata/RHSA-2025:11298
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2025:11428 https://access.redhat.com/errata/RHSA-2025:11428
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2025:11861 https://access.redhat.com/errata/RHSA-2025:11861
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Via RHSA-2025:12209 https://access.redhat.com/errata/RHSA-2025:12209
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Via RHSA-2025:12311 https://access.redhat.com/errata/RHSA-2025:12311
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2025:12525 https://access.redhat.com/errata/RHSA-2025:12525
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2025:12526 https://access.redhat.com/errata/RHSA-2025:12526
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Red Hat Enterprise Linux 8.8 Telecommunications Update Service Via RHSA-2025:13061 https://access.redhat.com/errata/RHSA-2025:13061
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Via RHSA-2025:13120 https://access.redhat.com/errata/RHSA-2025:13120
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.4 Extended Update Support Via RHSA-2025:13135 https://access.redhat.com/errata/RHSA-2025:13135
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Via RHSA-2025:13776 https://access.redhat.com/errata/RHSA-2025:13776
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Via RHSA-2025:14136 https://access.redhat.com/errata/RHSA-2025:14136
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Extended Lifecycle Support Via RHSA-2025:14746 https://access.redhat.com/errata/RHSA-2025:14746
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Extended Lifecycle Support Via RHSA-2025:14748 https://access.redhat.com/errata/RHSA-2025:14748