5.5

CVE-2022-49396

phy: qcom-qmp: fix reset-controller leak on probe errors

In the Linux kernel, the following vulnerability has been resolved:

phy: qcom-qmp: fix reset-controller leak on probe errors

Make sure to release the lane reset controller in case of a late probe
error (e.g. probe deferral).

Note that due to the reset controller being defined in devicetree in
"lane" child nodes, devm_reset_control_get_exclusive() cannot be used
directly.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.12 < 4.14.283
LinuxLinux Kernel Version >= 4.15 < 4.19.247
LinuxLinux Kernel Version >= 4.20 < 5.4.198
LinuxLinux Kernel Version >= 5.5 < 5.10.121
LinuxLinux Kernel Version >= 5.11 < 5.15.46
LinuxLinux Kernel Version >= 5.16 < 5.17.14
LinuxLinux Kernel Version >= 5.18 < 5.18.3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.25% 0.166
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/2156dc390402043ba5982489c6625adcb0b0975c
Patch
https://git.kernel.org/stable/c/4d2900f20edfe541f75756a00deeb2ffe7c66bc1
Patch
https://git.kernel.org/stable/c/7ac21b24af859c097eb4034e93430056068f8f31
Patch
https://git.kernel.org/stable/c/8c03eb0c8982677b4e17174073a011788891304d
Patch
https://git.kernel.org/stable/c/a39d9eccb333b8c07c43ebea1c6dfda122378a0f
Patch
https://git.kernel.org/stable/c/b7b5fbcaac5355e2e695dc0c08a0fcf248250388
Patch
https://git.kernel.org/stable/c/ba173a6f8d8dffed64bb13ab23081bdddfb464f0
Patch
https://git.kernel.org/stable/c/feb05b10b3ed3ae21b851520a0d0b71685439517
Patch