7.1

CVE-2023-52571

power: supply: rk817: Fix node refcount leak

In the Linux kernel, the following vulnerability has been resolved:

power: supply: rk817: Fix node refcount leak

Dan Carpenter reports that the Smatch static checker warning has found
that there is another refcount leak in the probe function. While
of_node_put() was added in one of the return paths, it should in
fact be added for ALL return paths that return an error and at driver
removal time.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.1.2 < 6.1.56
LinuxLinux Kernel Version >= 6.2 < 6.5.6
LinuxLinux Kernel Version6.6 Updaterc1
LinuxLinux Kernel Version6.6 Updaterc2
LinuxLinux Kernel Version6.6 Updaterc3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.136
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.1 1.8 5.2
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/488ef44c068e79752dba8eda0b75f524f111a695
Patch
https://git.kernel.org/stable/c/70326b46b6a043f7e7404b2ff678b033c06d6577
Patch
https://git.kernel.org/stable/c/fe6406238d5a24e9fb0286c71edd67b99d8db58d
Patch