5.5
CVE-2022-48856
- EPSS 0.21%
- Veröffentlicht 16.07.2024 13:15:12
- Zuletzt bearbeitet 21.11.2024 07:34:13
- CVE-Watchlists
- Unerledigt
gianfar: ethtool: Fix refcount leak in gfar_get_ts_info
In the Linux kernel, the following vulnerability has been resolved: gianfar: ethtool: Fix refcount leak in gfar_get_ts_info The of_find_compatible_node() function returns a node pointer with refcount incremented, We should use of_node_put() on it when done Add the missing of_node_put() to release the refcount.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.18 < 4.19.235
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.185
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.106
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.29
Linux ≫ Linux Kernel Version >= 5.16 < 5.16.15
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.21% | 0.112 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/0e1b9a2078e07fb1e6e91bf8badfd89ecab1e848
https://git.kernel.org/stable/c/21044e679ed535345042d2023f7df0ca8e897e2a
https://git.kernel.org/stable/c/2ac5b58e645c66932438bb021cb5b52097ce70b0
https://git.kernel.org/stable/c/6263f2eb93a85ad7df504daf0c341a7fb6bbe8a6
https://git.kernel.org/stable/c/f49f646f9ec296fc0afe7ae92c2bb47f23e3846c
https://git.kernel.org/stable/c/f7b3b520349193f8a82cca74daf366199e06add9