5.5

CVE-2022-50172

mt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg

In the Linux kernel, the following vulnerability has been resolved:

mt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg

Free the skb if mt76u_bulk_msg fails in __mt76x02u_mcu_send_msg routine.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.20 < 5.10.137
LinuxLinux Kernel Version >= 5.11 < 5.15.61
LinuxLinux Kernel Version >= 5.16 < 5.18.18
LinuxLinux Kernel Version >= 5.19 < 5.19.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.2% 0.102
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/3ad958bc488e3ecb0207d31621c00efb86f17482
Patch
https://git.kernel.org/stable/c/f1609c4f4a21777e081b36596224802b85052ad9
Patch
https://git.kernel.org/stable/c/da1ab462b96c5d47a0755aec957bae3d685538c5
Patch
https://git.kernel.org/stable/c/2f53ba46d8c97aca681adbe5098e1f84580c446d
Patch
https://git.kernel.org/stable/c/cffd93411575afd987788e2ec3cb8eaff70f0215
Patch