5.5

CVE-2021-47150

net: fec: fix the potential memory leak in fec_enet_init()

In the Linux kernel, the following vulnerability has been resolved:

net: fec: fix the potential memory leak in fec_enet_init()

If the memory allocated for cbd_base is failed, it should
free the memory allocated for the queues, otherwise it causes
memory leak.

And if the memory allocated for the queues is failed, it can
return error directly.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 3.18 < 4.19.193
LinuxLinux Kernel Version >= 4.20 < 5.4.124
LinuxLinux Kernel Version >= 5.5 < 5.10.42
LinuxLinux Kernel Version >= 5.11 < 5.12.9
LinuxLinux Kernel Version5.13 Updaterc1
LinuxLinux Kernel Version5.13 Updaterc2
LinuxLinux Kernel Version5.13 Updaterc3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.129
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/15102886bc8f5f29daaadf2d925591d564c17e9f
Patch
https://git.kernel.org/stable/c/20255d41ac560397b6a07d8d87dcc5e2efc7672a
Patch
https://git.kernel.org/stable/c/32a1777fd113335c3f70dc445dffee0ad1c6870f
Patch
https://git.kernel.org/stable/c/619fee9eb13b5d29e4267cb394645608088c28a8
Patch
https://git.kernel.org/stable/c/8ee7ef4a57a9e1228b6f345aaa70aa8951c7e9cd
Patch