5.5

CVE-2022-49713

usb: dwc2: Fix memory leak in dwc2_hcd_init

In the Linux kernel, the following vulnerability has been resolved:

usb: dwc2: Fix memory leak in dwc2_hcd_init

usb_create_hcd will alloc memory for hcd, and we should
call usb_put_hcd to free it when platform_get_resource()
fails to prevent memory leak.
goto error2 label instead error1 to fix this.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.14.250 < 4.14.285
LinuxLinux Kernel Version >= 4.19.210 < 4.19.249
LinuxLinux Kernel Version >= 5.4.152 < 5.4.200
LinuxLinux Kernel Version >= 5.10.72 < 5.10.124
LinuxLinux Kernel Version >= 5.14.11 < 5.15.49
LinuxLinux Kernel Version >= 5.16 < 5.18.6
LinuxLinux Kernel Version5.19 Updaterc1
LinuxLinux Kernel Version5.19 Updaterc2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.27% 0.184
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/3755278f078460b021cd0384562977bf2039a57a
Patch
https://git.kernel.org/stable/c/52bfcedbfd5bf962dbdcb6e761f4d0dd3ba26dfd
Patch
https://git.kernel.org/stable/c/6506aff2dc2f7059aa3d45ee2e8639b25e87090f
Patch
https://git.kernel.org/stable/c/701d8ec01e0f229d4db6f43d3d64ee479120cbeb
Patch
https://git.kernel.org/stable/c/84e6d0af87e27bbc0db94f2e7323b34abe17b6e5
Patch
https://git.kernel.org/stable/c/981ee40649e5fd9550f82db1fbb3bfab037da346
Patch
https://git.kernel.org/stable/c/a44a8a762f7fe9ad3c065813d058e835a6180cb2
Patch