5.5

CVE-2022-50474

macintosh: fix possible memory leak in macio_add_one_device()

In the Linux kernel, the following vulnerability has been resolved:

macintosh: fix possible memory leak in macio_add_one_device()

Afer commit 1fa5ae857bb1 ("driver core: get rid of struct device's
bus_id string array"), the name of device is allocated dynamically. It
needs to be freed when of_device_register() fails. Call put_device() to
give up the reference that's taken in device_initialize(), so that it
can be freed in kobject_cleanup() when the refcount hits 0.

macio device is freed in macio_release_dev(), so the kfree() can be
removed.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.30 < 4.9.337
LinuxLinux Kernel Version >= 4.10 < 4.14.303
LinuxLinux Kernel Version >= 4.15 < 4.19.270
LinuxLinux Kernel Version >= 4.20 < 5.4.229
LinuxLinux Kernel Version >= 5.5 < 5.10.163
LinuxLinux Kernel Version >= 5.11 < 5.15.86
LinuxLinux Kernel Version >= 5.16 < 6.0.16
LinuxLinux Kernel Version >= 6.1 < 6.1.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.047
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/3a866ff6fc2232c8e393cdb55ffb8ce947349e03
Patch
https://git.kernel.org/stable/c/aa9054267366ff0a382d403d17728e21951ddbb9
Patch
https://git.kernel.org/stable/c/35858b87a943917fa30172aa4bf01ce7adbcb42c
Patch
https://git.kernel.org/stable/c/b29a2f1dd33ae9b94821ab2f4d398b9081786748
Patch
https://git.kernel.org/stable/c/2ac0a7059b7bcbed35bfffa34a82c9a9e99638ef
Patch
https://git.kernel.org/stable/c/19ded60b40e86b0903c8d5bd0161437ed5107a8b
Patch
https://git.kernel.org/stable/c/ca765257feb89dacf604ced9cd233db5f865dee0
Patch
https://git.kernel.org/stable/c/76837e7f6b30da72ad59f56291e22804a219e015
Patch
https://git.kernel.org/stable/c/5ca86eae55a2f006e6c1edd2029b2cacb6979515
Patch