5.5

CVE-2022-50544

usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()

In the Linux kernel, the following vulnerability has been resolved:

usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()

xhci_alloc_stream_info() allocates stream context array for stream_info
->stream_ctx_array with xhci_alloc_stream_ctx(). When some error occurs,
stream_info->stream_ctx_array is not released, which will lead to a
memory leak.

We can fix it by releasing the stream_info->stream_ctx_array with
xhci_free_stream_ctx() on the error path to avoid the potential memory
leak.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.35 < 4.9.331
LinuxLinux Kernel Version >= 4.10 < 4.14.296
LinuxLinux Kernel Version >= 4.15 < 4.19.262
LinuxLinux Kernel Version >= 4.20 < 5.4.220
LinuxLinux Kernel Version >= 5.5 < 5.10.150
LinuxLinux Kernel Version >= 5.11 < 5.15.75
LinuxLinux Kernel Version >= 5.16 < 5.19.17
LinuxLinux Kernel Version >= 6.0 < 6.0.3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.046
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/7fc6bab3413e6a42bb1264ff7c9149808c93a4c7
Patch
https://git.kernel.org/stable/c/e702de2f5c893bf2cdb0152191f99a6ad1411823
Patch
https://git.kernel.org/stable/c/ddab9fe76296840aad686c66888a9c1dfdbff5ff
Patch
https://git.kernel.org/stable/c/9fa81cbd2dd300aa8fe9bac70e068b9a11cbb144
Patch
https://git.kernel.org/stable/c/91271a3e772e180bbb8afb114c72fd294a02f93d
Patch
https://git.kernel.org/stable/c/fcd594da0b5955119d9707e4e0a8d0fb1c969101
Patch
https://git.kernel.org/stable/c/a40ad475236022f3432880e3091c380e46e71a71
Patch
https://git.kernel.org/stable/c/782c873f8e7686f5b3c47e8b099f7e08c3dd1fdc
Patch
https://git.kernel.org/stable/c/7e271f42a5cc3768cd2622b929ba66859ae21f97
Patch