5.5

CVE-2022-48959

net: dsa: sja1105: fix memory leak in sja1105_setup_devlink_regions()

In the Linux kernel, the following vulnerability has been resolved:

net: dsa: sja1105: fix memory leak in sja1105_setup_devlink_regions()

When dsa_devlink_region_create failed in sja1105_setup_devlink_regions(),
priv->regions is not released.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.10 < 5.10.159
LinuxLinux Kernel Version >= 5.11 < 5.15.83
LinuxLinux Kernel Version >= 5.16 < 6.0.13
LinuxLinux Kernel Version6.1 Updaterc1
LinuxLinux Kernel Version6.1 Updaterc2
LinuxLinux Kernel Version6.1 Updaterc3
LinuxLinux Kernel Version6.1 Updaterc4
LinuxLinux Kernel Version6.1 Updaterc5
LinuxLinux Kernel Version6.1 Updaterc6
LinuxLinux Kernel Version6.1 Updaterc7
LinuxLinux Kernel Version6.1 Updaterc8
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.141
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/4be43e46c3f945fc7dd9e23c73a7a66927a3b814
Patch
https://git.kernel.org/stable/c/78a9ea43fc1a7c06a420b132d2d47cbf4344a5df
Patch
https://git.kernel.org/stable/c/e5e59629654b8826f0167dae480d0e3fa0f8f038
Patch
https://git.kernel.org/stable/c/f3b5dda26cd0535aac09ed09c5d83f19b979ec9f
Patch