5.3

CVE-2021-47064

mt76: fix potential DMA mapping leak

In the Linux kernel, the following vulnerability has been resolved:

mt76: fix potential DMA mapping leak

With buf uninitialized in mt76_dma_tx_queue_skb_raw, its field skip_unmap
could potentially inherit a non-zero value from stack garbage.
If this happens, it will cause DMA mappings for MCU command frames to not be
unmapped after completion
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.10 < 5.10.37
LinuxLinux Kernel Version >= 5.11 < 5.11.21
LinuxLinux Kernel Version >= 5.12 < 5.12.4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.77% 0.507
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.3 3.9 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/91b9548d413fda488ea853cd1b9f59b572db3a0c
Patch
https://git.kernel.org/stable/c/9b68ce2856dadc0e1cb6fd21fbeb850da49efd08
Patch
https://git.kernel.org/stable/c/9fa26701cd1fc4d932d431971efc5746325bdfce
Patch
https://git.kernel.org/stable/c/b4403cee6400c5f679e9c4a82b91d61aa961eccf
Patch