5.5

CVE-2022-49116

Bluetooth: use memset avoid memory leaks

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: use memset avoid memory leaks

Use memset to initialize structs to prevent memory leaks
in l2cap_ecred_connect
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 5.10.111
LinuxLinux Kernel Version >= 5.11 < 5.15.34
LinuxLinux Kernel Version >= 5.16 < 5.16.20
LinuxLinux Kernel Version >= 5.17 < 5.17.3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.24% 0.152
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/42b6a39f439b6f37cc2024d91ce547d83290ff78
Patch
https://git.kernel.org/stable/c/9567d54e70ff58c2695c2cc2e53c86c67551d3e6
Patch
https://git.kernel.org/stable/c/d3715b2333e9a21692ba16ef8645eda584a9515d
Patch
https://git.kernel.org/stable/c/d588c183a971b85c775ad66da563ee6e8bc8158f
Patch
https://git.kernel.org/stable/c/e9e55acee9b7a737ec7f5161b94a78932a5514c8
Patch