5.5
CVE-2022-49206
- EPSS 0.25%
- Veröffentlicht 26.02.2025 07:00:57
- Zuletzt bearbeitet 01.10.2025 20:15:55
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
RDMA/mlx5: Fix memory leak in error flow for subscribe event routine
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix memory leak in error flow for subscribe event routine In case the second xa_insert() fails, the obj_event is not released. Fix the error unwind flow to free that memory to avoid a memory leak.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.3 < 5.4.189
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.110
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.33
Linux ≫ Linux Kernel Version >= 5.16 < 5.16.19
Linux ≫ Linux Kernel Version >= 5.17 < 5.17.2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.25% | 0.166 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/0174a89663a5ef83617da15bf24c0af2f62b6c7f
https://git.kernel.org/stable/c/087f9c3f2309ed183f7e4b85ae57121d8663224d
https://git.kernel.org/stable/c/414b4e8738484379f18d6c4e780787c80dbf8a2c
https://git.kernel.org/stable/c/8dd392e352d3269938fea32061a74655a613f929
https://git.kernel.org/stable/c/c98d903ff9e79c210beddea4e6bc15ac38e25aa5
https://git.kernel.org/stable/c/d66498507801fd9a20307a15a0814a0a016c3cde