5.5

CVE-2022-50510

perf/smmuv3: Fix hotplug callback leak in arm_smmu_pmu_init()

In the Linux kernel, the following vulnerability has been resolved:

perf/smmuv3: Fix hotplug callback leak in arm_smmu_pmu_init()

arm_smmu_pmu_init() won't remove the callback added by
cpuhp_setup_state_multi() when platform_driver_register() failed. Remove
the callback by cpuhp_remove_multi_state() in fail path.

Similar to the handling of arm_ccn_init() in commit 26242b330093 ("bus:
arm-ccn: Prevent hotplug callback leak")
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.2 < 5.4.229
LinuxLinux Kernel Version >= 5.5 < 5.10.163
LinuxLinux Kernel Version >= 5.11 < 5.15.86
LinuxLinux Kernel Version >= 5.16 < 6.0.16
LinuxLinux Kernel Version >= 6.1 < 6.1.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.043
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/d69bdb61d577297d3851fc9f6403574bf73ef41f
Patch
https://git.kernel.org/stable/c/359286f886feef38536eaa7e673dc3440f03b0a1
Patch
https://git.kernel.org/stable/c/b131304fe722853cf26e55c4fa21fc58a36e7f21
Patch
https://git.kernel.org/stable/c/f245ca9a0fe7f794a8187ad803d5e2ced5a11cb2
Patch
https://git.kernel.org/stable/c/582babe17ea878ec1d76f30e03f3a6ce6e30eb91
Patch
https://git.kernel.org/stable/c/6f2d566b46436a50a80d6445e82879686b89588c
Patch