5.5

CVE-2022-50395

integrity: Fix memory leakage in keyring allocation error path

In the Linux kernel, the following vulnerability has been resolved:

integrity: Fix memory leakage in keyring allocation error path

Key restriction is allocated in integrity_init_keyring(). However, if
keyring allocation failed, it is not freed, causing memory leaks.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.12 < 5.4.229
LinuxLinux Kernel Version >= 5.5 < 5.10.163
LinuxLinux Kernel Version >= 5.11 < 5.15.86
LinuxLinux Kernel Version >= 5.16 < 6.0.16
LinuxLinux Kernel Version >= 6.1 < 6.1.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.043
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/9b7c44885a07c5ee7f9bf3aa3c9c72fb110c8d22
Patch
https://git.kernel.org/stable/c/3bd737289c26be3cee4b9afaf61ef784a2af9d6e
Patch
https://git.kernel.org/stable/c/29d6c69ba4b96a1de0376e44e5f8b38b13ec8803
Patch
https://git.kernel.org/stable/c/57e49ad12f8f5df0c48e1710c54b147a05a10c32
Patch
https://git.kernel.org/stable/c/c591c48842f08d30ec6b8416757831985ed9a315
Patch
https://git.kernel.org/stable/c/39419ef7af0916cc3620ecf1ed42d29659109bf3
Patch