5.5

CVE-2022-49657

usbnet: fix memory leak in error case

In the Linux kernel, the following vulnerability has been resolved:

usbnet: fix memory leak in error case

usbnet_write_cmd_async() mixed up which buffers
need to be freed in which error case.

v2: add Fixes tag
v3: fix uninitialized buf pointer
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 3.8 < 4.9.323
LinuxLinux Kernel Version >= 4.10 < 4.14.288
LinuxLinux Kernel Version >= 4.15 < 4.19.252
LinuxLinux Kernel Version >= 4.20 < 5.4.205
LinuxLinux Kernel Version >= 5.5 < 5.10.130
LinuxLinux Kernel Version >= 5.11 < 5.15.54
LinuxLinux Kernel Version >= 5.16 < 5.18.11
LinuxLinux Kernel Version5.19 Updaterc1
LinuxLinux Kernel Version5.19 Updaterc2
LinuxLinux Kernel Version5.19 Updaterc3
LinuxLinux Kernel Version5.19 Updaterc4
LinuxLinux Kernel Version5.19 Updaterc5
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.27% 0.186
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/0085da9df3dced730027923a6b48f58e9016af91
Patch
https://git.kernel.org/stable/c/04894ab34faf40ab72a8a5ab5b404bb0606bbbff
Patch
https://git.kernel.org/stable/c/3eed421ca5c809da93456f69203d164d5220be3d
Patch
https://git.kernel.org/stable/c/5269209f54dd8dfd15f9383f3a3a1fe8370764f8
Patch
https://git.kernel.org/stable/c/b55a21b764c1e182014630fa5486d717484ac58f
Patch
https://git.kernel.org/stable/c/d5165e657987ff4ba0ace896d4376a3718a9fbc3
Patch
https://git.kernel.org/stable/c/db89582ff330556188da856e01382ccbf3a5e706
Patch
https://git.kernel.org/stable/c/e7b4f69946a38209b4a4f660bf0e4cbed94f9b4b
Patch