{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-08T14:47:52.559","vulnerabilities":[{"cve":{"id":"CVE-2024-50021","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-10-21T20:15:15.630","lastModified":"2024-10-25T14:52:13.890","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix improper handling of refcount in ice_dpll_init_rclk_pins()\n\nThis patch addresses a reference count handling issue in the\nice_dpll_init_rclk_pins() function. The function calls ice_dpll_get_pins(),\nwhich increments the reference count of the relevant resources. However,\nif the condition WARN_ON((!vsi || !vsi->netdev)) is met, the function\ncurrently returns an error without properly releasing the resources\nacquired by ice_dpll_get_pins(), leading to a reference count leak.\n\nTo resolve this, the check has been moved to the top of the function. This\nensures that the function verifies the state before any resources are\nacquired, avoiding the need for additional resource management in the\nerror path.\n\nThis bug was identified by an experimental static analysis tool developed\nby our team. The tool specializes in analyzing reference count operations\nand detecting potential issues where resources are not properly managed.\nIn this case, the tool flagged the missing release operation as a\npotential problem, which led to the development of this patch."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ice: Se corrige el manejo incorrecto de refcount en ice_dpll_init_rclk_pins() Este parche soluciona un problema de manejo de recuento de referencias en la función ice_dpll_init_rclk_pins(). La función llama a ice_dpll_get_pins(), que incrementa el recuento de referencias de los recursos relevantes. Sin embargo, si se cumple la condición WARN_ON((!vsi || !vsi->netdev)), la función actualmente devuelve un error sin liberar correctamente los recursos adquiridos por ice_dpll_get_pins(), lo que lleva a una pérdida de recuento de referencias. Para resolver esto, la comprobación se ha movido a la parte superior de la función. Esto garantiza que la función verifique el estado antes de que se adquieran recursos, lo que evita la necesidad de una gestión de recursos adicional en la ruta de error. Este error fue identificado por una herramienta de análisis estático experimental desarrollada por nuestro equipo. La herramienta se especializa en analizar operaciones de recuento de referencias y detectar posibles problemas donde los recursos no se administran correctamente. En este caso, la herramienta marcó la operación de liberación faltante como un problema potencial, lo que llevó al desarrollo de este parche."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.11.4","matchCriteriaId":"AA84D336-CE9A-4535-B901-1AD77EC17C34"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*","matchCriteriaId":"7F361E1D-580F-4A2D-A509-7615F73167A1"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*","matchCriteriaId":"925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/aefecead9d08f4a35ab6f51ba2e408d2cef4e31d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ccca30a18e36a742e606d5bf0630e75be7711d0a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}