5.5
CVE-2021-47020
- EPSS 0.23%
- Veröffentlicht 29.02.2024 23:15:07
- Zuletzt bearbeitet 10.12.2024 17:03:24
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
soundwire: stream: fix memory leak in stream config error path
In the Linux kernel, the following vulnerability has been resolved: soundwire: stream: fix memory leak in stream config error path When stream config is failed, master runtime will release all slave runtime in the slave_rt_list, but slave runtime is not added to the list at this time. This patch frees slave runtime in the config error path to fix the memory leak.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.18 < 4.19.191
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.119
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.37
Linux ≫ Linux Kernel Version >= 5.11 < 5.11.21
Linux ≫ Linux Kernel Version >= 5.12 < 5.12.4
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.13 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/2f17ac005b320c85d686088cfd4c2e7017912b88
https://git.kernel.org/stable/c/342260fe821047c3d515e3d28085d73fbdce3e80
https://git.kernel.org/stable/c/48f17f96a81763c7c8bf5500460a359b9939359f
https://git.kernel.org/stable/c/7c468deae306d0cbbd539408c26cfec04c66159a
https://git.kernel.org/stable/c/870533403ffa28ff63e173045fc5369365642002
https://git.kernel.org/stable/c/effd2bd62b416f6629e18e3ce077c60de14cfdea