5.5

CVE-2022-49729

nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred

In the Linux kernel, the following vulnerability has been resolved:

nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred

Similar to the handling of play_deferred in commit 19cfe912c37b
("Bluetooth: btusb: Fix memory leak in play_deferred"), we thought
a patch might be needed here as well.

Currently usb_submit_urb is called directly to submit deferred tx
urbs after unanchor them.

So the usb_giveback_urb_bh would failed to unref it in usb_unanchor_urb
and cause memory leak.

Put those urbs in tx_anchor to avoid the leak, and also fix the error
handling.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 4.9.320
LinuxLinux Kernel Version >= 4.10 < 4.14.285
LinuxLinux Kernel Version >= 4.15 < 4.19.249
LinuxLinux Kernel Version >= 4.20 < 5.4.200
LinuxLinux Kernel Version >= 5.5 < 5.10.124
LinuxLinux Kernel Version >= 5.11 < 5.15.49
LinuxLinux Kernel Version >= 5.16 < 5.18.6
LinuxLinux Kernel Version5.19 Updaterc1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.25% 0.162
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/0eeec1a8b0cd38c47edeb042980a6aeacecf35ed
Patch
https://git.kernel.org/stable/c/1eb0afecfb9cd0f38424b82bd9aaa542310934ee
Patch
https://git.kernel.org/stable/c/3e7c7df6991ac349f2fa8540047757df666e610f
Patch
https://git.kernel.org/stable/c/3eadc560c1919b8193d17334145dad9a917960e4
Patch
https://git.kernel.org/stable/c/6616872cfe7f0474a22dd1f12699f95bcf81a54d
Patch
https://git.kernel.org/stable/c/6b4d8b44e7163a77fe942f5b80e1651c1b78c537
Patch
https://git.kernel.org/stable/c/8a4d480702b71184fabcf379b80bf7539716752e
Patch
https://git.kernel.org/stable/c/f21f908347712b8288ffe83b531b5e977042b29c
Patch