5.5
CVE-2021-47074
- EPSS 0.24%
- Veröffentlicht 01.03.2024 22:15:47
- Zuletzt bearbeitet 12.12.2024 14:43:36
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
nvme-loop: fix memory leak in nvme_loop_create_ctrl()
In the Linux kernel, the following vulnerability has been resolved: nvme-loop: fix memory leak in nvme_loop_create_ctrl() When creating loop ctrl in nvme_loop_create_ctrl(), if nvme_init_ctrl() fails, the loop ctrl should be freed before jumping to the "out" label.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.8 < 5.10.40
Linux ≫ Linux Kernel Version >= 5.11 < 5.12.7
Linux ≫ Linux Kernel Version5.13 Updaterc1
Linux ≫ Linux Kernel Version5.13 Updaterc2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.24% | 0.142 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/03504e3b54cc8118cc26c064e60a0b00c2308708
https://git.kernel.org/stable/c/551ba08d4b7eb26f75758cdb9f15105b276517ad
https://git.kernel.org/stable/c/9c980795ccd77e8abec33dd6fe28dfe1c4083e65