5.5
CVE-2022-48656
- EPSS 0.26%
- Veröffentlicht 28.04.2024 13:15:07
- Zuletzt bearbeitet 21.11.2024 07:33:42
- CVE-Watchlists
- Unerledigt
dmaengine: ti: k3-udma-private: Fix refcount leak bug in of_xudma_dev_get()
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma-private: Fix refcount leak bug in of_xudma_dev_get() We should call of_node_put() for the reference returned by of_parse_phandle() in fail path or when it is not used anymore. Here we only need to move the of_node_put() before the check.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.6.0 < 5.10.146
Linux ≫ Linux Kernel Version >= 5.11.0 < 5.15.71
Linux ≫ Linux Kernel Version >= 5.16.0 < 5.19.12
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.26% | 0.173 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/a17df55bf6d536712da6902a83db82b82e67d5a2
https://git.kernel.org/stable/c/aa11dae059a439af82bae541b134f8f53ac177b5
https://git.kernel.org/stable/c/dd5a6c5a08752b613e83ad2cb5133e72a64b876d
https://git.kernel.org/stable/c/f9fdb0b86f087c2b7f6c6168dd0985a3c1eda87e