5.5

CVE-2022-49922

nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send()

In the Linux kernel, the following vulnerability has been resolved:

nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send()

nfcmrvl_i2c_nci_send() will be called by nfcmrvl_nci_send(), and skb
should be freed in nfcmrvl_i2c_nci_send(). However, nfcmrvl_nci_send()
will only free skb when i2c_master_send() return >=0, which means skb
will memleak when i2c_master_send() failed. Free skb no matter whether
i2c_master_send() succeeds.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.4 < 4.9.333
LinuxLinux Kernel Version >= 4.10 < 4.14.299
LinuxLinux Kernel Version >= 4.15 < 4.19.265
LinuxLinux Kernel Version >= 4.20 < 5.4.224
LinuxLinux Kernel Version >= 5.5 < 5.10.154
LinuxLinux Kernel Version >= 5.11 < 5.15.78
LinuxLinux Kernel Version >= 5.16 < 6.0.8
LinuxLinux Kernel Version6.1 Updaterc1
LinuxLinux Kernel Version6.1 Updaterc2
LinuxLinux Kernel Version6.1 Updaterc3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.16% 0.05
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/dd0ee55ead91fbb16889dbe7ff0b0f7c9e4e849d
Patch
https://git.kernel.org/stable/c/825656ae61e73ddc05f585e6258d284c87064b10
Patch
https://git.kernel.org/stable/c/c8e7d4a1166f063703955f1b2e765a6db5bf1771
Patch
https://git.kernel.org/stable/c/f30060efcf18883748a0541aa41acef183cd9c0e
Patch
https://git.kernel.org/stable/c/52438e734c1566f5e2bcd9a065d2d65e306c0555
Patch
https://git.kernel.org/stable/c/5dfdac5e3f8db5f4445228c44f64091045644a3b
Patch
https://git.kernel.org/stable/c/92a1df9c6da20c02cf9872f8b025a66ddb307aeb
Patch
https://git.kernel.org/stable/c/93d904a734a74c54d945a9884b4962977f1176cd
Patch