5.5

CVE-2022-50060

octeontx2-af: Fix mcam entry resource leak

In the Linux kernel, the following vulnerability has been resolved:

octeontx2-af: Fix mcam entry resource leak

The teardown sequence in FLR handler returns if no NIX LF
is attached to PF/VF because it indicates that graceful
shutdown of resources already happened. But there is a
chance of all allocated MCAM entries not being freed by
PF/VF. Hence free mcam entries even in case of detached LF.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.0 < 5.15.63
LinuxLinux Kernel Version >= 5.16 < 5.19.4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.16% 0.053
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/dc5be2d4f9285efe0d16f1bf00250df91d05d809
Patch
https://git.kernel.org/stable/c/cc32347f48111eea8d0165538c92aca92ede83f6
Patch
https://git.kernel.org/stable/c/3f8fe40ab7730cf8eb6f8b8ff412012f7f6f8f48
Patch