5.5

CVE-2022-50140

memstick/ms_block: Fix a memory leak

In the Linux kernel, the following vulnerability has been resolved:

memstick/ms_block: Fix a memory leak

'erased_blocks_bitmap' is never freed. As it is allocated at the same time
as 'used_blocks_bitmap', it is likely that it should be freed also at the
same time.

Add the corresponding bitmap_free() in msb_data_clear().
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 3.12 < 4.14.291
LinuxLinux Kernel Version >= 4.15 < 4.19.256
LinuxLinux Kernel Version >= 4.20 < 5.4.211
LinuxLinux Kernel Version >= 5.5 < 5.10.137
LinuxLinux Kernel Version >= 5.11 < 5.15.61
LinuxLinux Kernel Version >= 5.16 < 5.18.18
LinuxLinux Kernel Version >= 5.19 < 5.19.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.16% 0.055
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/efd675246aec045507b9425c67b548cc2d782d8f
Patch
https://git.kernel.org/stable/c/37958980eb4cd71ae594ace093c11b6a91e165e8
Patch
https://git.kernel.org/stable/c/9d8b911fe3c3ed788c66edba7c90e32a4a7a5f53
Patch
https://git.kernel.org/stable/c/9260a154b3b5e387dbceec7c0ac441470646bc6f
Patch
https://git.kernel.org/stable/c/961d7d12080fe70847f944d656e36cd0dd0214ba
Patch
https://git.kernel.org/stable/c/16e07966638717416abf45393d6a80a5a1034429
Patch
https://git.kernel.org/stable/c/39be95d1ff7b44c1e969af72ba9da7332dfcc1da
Patch
https://git.kernel.org/stable/c/54eb7a55be6779c4d0c25eaf5056498a28595049
Patch