5.5

CVE-2022-49835

ALSA: hda: fix potential memleak in 'add_widget_node'

In the Linux kernel, the following vulnerability has been resolved:

ALSA: hda: fix potential memleak in 'add_widget_node'

As 'kobject_add' may allocated memory for 'kobject->name' when return error.
And in this function, if call 'kobject_add' failed didn't free kobject.
So call 'kobject_put' to recycling resources.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 4.9.334
LinuxLinux Kernel Version >= 4.10 < 4.14.300
LinuxLinux Kernel Version >= 4.15 < 4.19.267
LinuxLinux Kernel Version >= 4.20 < 5.4.225
LinuxLinux Kernel Version >= 5.5 < 5.10.155
LinuxLinux Kernel Version >= 5.11 < 5.15.79
LinuxLinux Kernel Version >= 5.16 < 6.0.9
LinuxLinux Kernel Version6.1 Updaterc1
LinuxLinux Kernel Version6.1 Updaterc2
LinuxLinux Kernel Version6.1 Updaterc3
LinuxLinux Kernel Version6.1 Updaterc4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.17% 0.062
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/b688a3ec235222d9a84e43a48a6f31acb95baf2d
Patch
https://git.kernel.org/stable/c/bb0ac8d5e541224f599bc8e8f31a313faa4bf7b7
Patch
https://git.kernel.org/stable/c/90b7d055e2b5f39429f9a9e3815b48a48530ef28
Patch
https://git.kernel.org/stable/c/02dea987ec1cac712c78e75d224ceb9bb73519ed
Patch
https://git.kernel.org/stable/c/3a79f9568de08657fcdbc41d6fc4c0ca145a7a2b
Patch
https://git.kernel.org/stable/c/7140d7aaf93da6a665b454f91bb4dc6b1de218bd
Patch
https://git.kernel.org/stable/c/455d99bd6baf19688048b6d42d9fa74eae27f93b
Patch
https://git.kernel.org/stable/c/9a5523f72bd2b0d66eef3d58810c6eb7b5ffc143
Patch