5.5

CVE-2022-50146

PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors

In the Linux kernel, the following vulnerability has been resolved:

PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors

If dw_pcie_ep_init() fails to perform any action after the EPC memory is
initialized and the MSI memory region is allocated, the latter parts won't
be undone thus causing a memory leak.  Add a cleanup-on-error path to fix
these leaks.

[bhelgaas: commit log]
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.16 < 5.10.137
LinuxLinux Kernel Version >= 5.11 < 5.15.61
LinuxLinux Kernel Version >= 5.16 < 5.18.18
LinuxLinux Kernel Version >= 5.19 < 5.19.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.16% 0.054
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/e7599a5974d4c64eaae8009c3f2e47b9e3223e07
Patch
https://git.kernel.org/stable/c/b03a8f1264ea8c363bec9ef6e37b467f27cb04ea
Patch
https://git.kernel.org/stable/c/2d546db5c80c45cac3ccd929550244fd58f4ff58
Patch
https://git.kernel.org/stable/c/3b453f5d06d1f1d6b20a75ea51dc7b53ae78f479
Patch
https://git.kernel.org/stable/c/8161e9626b50892eaedbd8070ecb1586ecedb109
Patch