5.5

CVE-2021-47319

virtio-blk: Fix memory leak among suspend/resume procedure

In the Linux kernel, the following vulnerability has been resolved:

virtio-blk: Fix memory leak among suspend/resume procedure

The vblk->vqs should be freed before we call init_vqs()
in virtblk_restore().
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 4.4.276
LinuxLinux Kernel Version >= 4.5 < 4.9.276
LinuxLinux Kernel Version >= 4.10 < 4.14.240
LinuxLinux Kernel Version >= 4.15 < 4.19.198
LinuxLinux Kernel Version >= 4.20 < 5.4.134
LinuxLinux Kernel Version >= 5.5 < 5.10.52
LinuxLinux Kernel Version >= 5.11 < 5.12.19
LinuxLinux Kernel Version >= 5.13 < 5.13.4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.26% 0.169
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/04c6e60b884cb5e94ff32af46867fb41d5848358
Patch
https://git.kernel.org/stable/c/102d6bc6475ab09bab579c18704e6cf8d898e93c
Patch
https://git.kernel.org/stable/c/29a2f4a3214aa14d61cc9737c9f886dae9dbb710
Patch
https://git.kernel.org/stable/c/381bde79d11e596002edfd914e6714291826967a
Patch
https://git.kernel.org/stable/c/600942d2fd49b90e44857d20c774b20d16f3130f
Patch
https://git.kernel.org/stable/c/863da837964c80c72e368a4f748c30d25daa1815
Patch
https://git.kernel.org/stable/c/b71ba22e7c6c6b279c66f53ee7818709774efa1f
Patch
https://git.kernel.org/stable/c/ca2b8ae93a6da9839dc7f9eb9199b18aa03c3dae
Patch
https://git.kernel.org/stable/c/cd24da0db9f75ca11eaf6060f0ccb90e2f3be3b0
Patch