5.5

CVE-2022-49263

brcmfmac: pcie: Release firmwares in the brcmf_pcie_setup error path

In the Linux kernel, the following vulnerability has been resolved:

brcmfmac: pcie: Release firmwares in the brcmf_pcie_setup error path

This avoids leaking memory if brcmf_chip_get_raminfo fails. Note that
the CLM blob is released in the device remove path.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.4 < 5.4.189
LinuxLinux Kernel Version >= 5.5 < 5.10.110
LinuxLinux Kernel Version >= 5.11 < 5.15.33
LinuxLinux Kernel Version >= 5.16 < 5.16.19
LinuxLinux Kernel Version >= 5.17 < 5.17.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.25% 0.166
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/0347bdfdb1529994ac3a4cb425087c477a74eb2c
Patch
https://git.kernel.org/stable/c/4e0b507597e1a86e9b4c056ab274c427223cf8ea
Patch
https://git.kernel.org/stable/c/5e90f0f3ead014867dade7a22f93958119f5efab
Patch
https://git.kernel.org/stable/c/a88337a06966f2d733ad9a97714b874469133f14
Patch
https://git.kernel.org/stable/c/d0ab87f8dcdfe72dc1d763be3392c1fc51a1ace2
Patch
https://git.kernel.org/stable/c/f3820ddaf4f3ac80c7401ccc6a42e663c9317f31
Patch