5.5

CVE-2022-48860

ethernet: Fix error handling in xemaclite_of_probe

In the Linux kernel, the following vulnerability has been resolved:

ethernet: Fix error handling in xemaclite_of_probe

This node pointer is returned by of_parse_phandle() with refcount
incremented in this function. Calling of_node_put() to avoid the
refcount leak. As the remove function do.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.34 < 4.9.307
LinuxLinux Kernel Version >= 4.10 < 4.14.272
LinuxLinux Kernel Version >= 4.15 < 4.19.235
LinuxLinux Kernel Version >= 4.20 < 5.4.185
LinuxLinux Kernel Version >= 5.5 < 5.10.106
LinuxLinux Kernel Version >= 5.11 < 5.15.29
LinuxLinux Kernel Version >= 5.16 < 5.16.15
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.22% 0.118
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/1852854ee349881efb78ccdbbb237838975902e4
Patch
https://git.kernel.org/stable/c/5e7c402892e189a7bc152b125e72261154aa585d
Patch
https://git.kernel.org/stable/c/669172ce976608b25a2f76f3c65d47f042d125c9
Patch
https://git.kernel.org/stable/c/8609e29611befc4bfbe7a91bb50fc65ae72ff549
Patch
https://git.kernel.org/stable/c/8ee065a7a9b6a3976c16340503677efc4d8351f6
Patch
https://git.kernel.org/stable/c/979b418b96e35f07136f77962ccfaa54cf3e30e1
Patch
https://git.kernel.org/stable/c/b19ab4b38b06aae12442b2de95ccf58b5dc53584
Patch
https://git.kernel.org/stable/c/b7220f8e9d6c6b9594ddfb3125dad938cd478b1f
Patch