5.5

CVE-2022-48856

gianfar: ethtool: Fix refcount leak in gfar_get_ts_info

In the Linux kernel, the following vulnerability has been resolved:

gianfar: ethtool: Fix refcount leak in gfar_get_ts_info

The of_find_compatible_node() function returns a node pointer with
refcount incremented, We should use of_node_put() on it when done
Add the missing of_node_put() to release the refcount.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.18 < 4.19.235
LinuxLinux Kernel Version >= 4.20 < 5.4.185
LinuxLinux Kernel Version >= 5.5 < 5.10.106
LinuxLinux Kernel Version >= 5.11 < 5.15.29
LinuxLinux Kernel Version >= 5.16 < 5.16.15
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.21% 0.112
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/0e1b9a2078e07fb1e6e91bf8badfd89ecab1e848
Patch
https://git.kernel.org/stable/c/21044e679ed535345042d2023f7df0ca8e897e2a
Patch
https://git.kernel.org/stable/c/2ac5b58e645c66932438bb021cb5b52097ce70b0
Patch
https://git.kernel.org/stable/c/6263f2eb93a85ad7df504daf0c341a7fb6bbe8a6
Patch
https://git.kernel.org/stable/c/f49f646f9ec296fc0afe7ae92c2bb47f23e3846c
Patch
https://git.kernel.org/stable/c/f7b3b520349193f8a82cca74daf366199e06add9
Patch