5.5

CVE-2022-49671

RDMA/cm: Fix memory leak in ib_cm_insert_listen

In the Linux kernel, the following vulnerability has been resolved:

RDMA/cm: Fix memory leak in ib_cm_insert_listen

cm_alloc_id_priv() allocates resource for the cm_id_priv. When
cm_init_listen() fails it doesn't free it, leading to memory leak.

Add the missing error unwind.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.7 < 5.10.129
LinuxLinux Kernel Version >= 5.11 < 5.15.53
LinuxLinux Kernel Version >= 5.16 < 5.18.10
LinuxLinux Kernel Version5.19 Updaterc1
LinuxLinux Kernel Version5.19 Updaterc2
LinuxLinux Kernel Version5.19 Updaterc3
LinuxLinux Kernel Version5.19 Updaterc4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.27% 0.191
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/2990f223ffa7bb25422956b9f79f9176a5b38346
Patch
https://git.kernel.org/stable/c/2febf09a8a8ae4accf908f043f1bab1421056568
Patch
https://git.kernel.org/stable/c/889000874c1204e47c7f2a4945db262a47e7efc9
Patch
https://git.kernel.org/stable/c/b0cab8b517aeaf2592c3479294f934209c41a26f
Patch