5.5

CVE-2022-49050

memory: renesas-rpc-if: fix platform-device leak in error path

In the Linux kernel, the following vulnerability has been resolved:

memory: renesas-rpc-if: fix platform-device leak in error path

Make sure to free the flash platform device in the event that
registration fails during probe.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.9 < 5.10.112
LinuxLinux Kernel Version >= 5.11 < 5.15.35
LinuxLinux Kernel Version >= 5.16 < 5.17.4
LinuxLinux Kernel Version5.18 Updaterc1
LinuxLinux Kernel Version5.18 Updaterc2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.25% 0.165
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/05d1824a7fb43ab9adb1eb82404954af81d8c984
Patch
https://git.kernel.org/stable/c/66b9b707ea4dcafca92b6261c6924652914e3b73
Patch
https://git.kernel.org/stable/c/b452dbf24d7d9a990d70118462925f6ee287d135
Patch
https://git.kernel.org/stable/c/c089ffc846c85f200db34ad208338f4f81a6d82d
Patch