5.5
CVE-2022-49671
- EPSS 0.27%
- Veröffentlicht 26.02.2025 07:01:42
- Zuletzt bearbeitet 01.10.2025 20:17:03
- CVE-Watchlists
- Unerledigt
RDMA/cm: Fix memory leak in ib_cm_insert_listen
In the Linux kernel, the following vulnerability has been resolved: RDMA/cm: Fix memory leak in ib_cm_insert_listen cm_alloc_id_priv() allocates resource for the cm_id_priv. When cm_init_listen() fails it doesn't free it, leading to memory leak. Add the missing error unwind.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.7 < 5.10.129
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.53
Linux ≫ Linux Kernel Version >= 5.16 < 5.18.10
Linux ≫ Linux Kernel Version5.19 Updaterc1
Linux ≫ Linux Kernel Version5.19 Updaterc2
Linux ≫ Linux Kernel Version5.19 Updaterc3
Linux ≫ Linux Kernel Version5.19 Updaterc4
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.27% | 0.191 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/2990f223ffa7bb25422956b9f79f9176a5b38346
https://git.kernel.org/stable/c/2febf09a8a8ae4accf908f043f1bab1421056568
https://git.kernel.org/stable/c/889000874c1204e47c7f2a4945db262a47e7efc9
https://git.kernel.org/stable/c/b0cab8b517aeaf2592c3479294f934209c41a26f