5.5

CVE-2022-50247

usb: xhci-mtk: fix leakage of shared hcd when fail to set wakeup irq

In the Linux kernel, the following vulnerability has been resolved:

usb: xhci-mtk: fix leakage of shared hcd when fail to set wakeup irq

Can not set the @shared_hcd to NULL before decrease the usage count
by usb_put_hcd(), this will cause the shared hcd not released.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.13 < 5.15.86
LinuxLinux Kernel Version >= 5.16 < 6.0.16
LinuxLinux Kernel Version >= 6.1 < 6.1.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.041
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/ffb14aac2658873050671198543b9b8194149c14
Patch
https://git.kernel.org/stable/c/05680a91ae60ddd0319e6618456f0883b5dd765d
Patch
https://git.kernel.org/stable/c/c8e7463844888dc8344bbb9cbad88cdce9cb8077
Patch
https://git.kernel.org/stable/c/03a88b0bafbe3f548729d970d8366f48718c9b19
Patch