5.5

CVE-2022-48722

net: ieee802154: ca8210: Stop leaking skb's

In the Linux kernel, the following vulnerability has been resolved:

net: ieee802154: ca8210: Stop leaking skb's

Upon error the ieee802154_xmit_complete() helper is not called. Only
ieee802154_wake_queue() is called manually. We then leak the skb
structure.

Free the skb structure upon error before returning.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.12 < 4.14.265
LinuxLinux Kernel Version >= 4.15 < 4.19.228
LinuxLinux Kernel Version >= 4.20 < 5.4.178
LinuxLinux Kernel Version >= 5.5 < 5.10.99
LinuxLinux Kernel Version >= 5.11 < 5.15.22
LinuxLinux Kernel Version >= 5.16 < 5.16.8
LinuxLinux Kernel Version5.17 Updaterc1
LinuxLinux Kernel Version5.17 Updaterc2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.22% 0.127
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/21feb6df3967541931242c427fe0958276af81cc
Patch
https://git.kernel.org/stable/c/621b24b09eb61c63f262da0c9c5f0e93348897e5
Patch
https://git.kernel.org/stable/c/6f38d3a6ec11c2733b1c641a46a2a2ecec57be08
Patch
https://git.kernel.org/stable/c/78b3f20c17cbcb7645bfa63f2ca0e11b53c09d56
Patch
https://git.kernel.org/stable/c/94cd597e20ed4acedb8f15f029d92998b011cb1a
Patch
https://git.kernel.org/stable/c/a1c277b0ed2a13e7de923b5f03bc23586eceb851
Patch
https://git.kernel.org/stable/c/d6a44feb2f28d71a7e725f72d09c97c81561cd9a
Patch