5.5

CVE-2022-48656

dmaengine: ti: k3-udma-private: Fix refcount leak bug in of_xudma_dev_get()

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: ti: k3-udma-private: Fix refcount leak bug in of_xudma_dev_get()

We should call of_node_put() for the reference returned by
of_parse_phandle() in fail path or when it is not used anymore.
Here we only need to move the of_node_put() before the check.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.6.0 < 5.10.146
LinuxLinux Kernel Version >= 5.11.0 < 5.15.71
LinuxLinux Kernel Version >= 5.16.0 < 5.19.12
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.26% 0.173
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/a17df55bf6d536712da6902a83db82b82e67d5a2
Patch
https://git.kernel.org/stable/c/aa11dae059a439af82bae541b134f8f53ac177b5
Patch
https://git.kernel.org/stable/c/dd5a6c5a08752b613e83ad2cb5133e72a64b876d
Patch
https://git.kernel.org/stable/c/f9fdb0b86f087c2b7f6c6168dd0985a3c1eda87e
Patch