5.5
CVE-2021-47009
- EPSS 0.25%
- Veröffentlicht 28.02.2024 09:15:38
- Zuletzt bearbeitet 09.12.2024 18:24:16
- CVE-Watchlists
- Unerledigt
KEYS: trusted: Fix memory leak on object td
In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix memory leak on object td Two error return paths are neglecting to free allocated object td, causing a memory leak. Fix this by returning via the error return path that securely kfree's td. Fixes clang scan-build warning: security/keys/trusted-keys/trusted_tpm1.c:496:10: warning: Potential memory leak [unix.Malloc]
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.10.20 < 5.10.38
Linux ≫ Linux Kernel Version >= 5.11.3 < 5.11.22
Linux ≫ Linux Kernel Version >= 5.12 < 5.12.5
Linux ≫ Linux Kernel Version5.12 Updaterc1
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.25% | 0.156 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/1c4031014106aff48e1e686e40101c31eab5d44c
https://git.kernel.org/stable/c/31c9a4b24d86cbb36ff0d7a085725a3b4f0138c8
https://git.kernel.org/stable/c/3e24fbd37e72e8a67b74991970fecc82d14f57af
https://git.kernel.org/stable/c/83a775d5f9bfda95b1c295f95a3a041a40c7f321