5.5

CVE-2023-53174

scsi: core: Fix possible memory leak if device_add() fails

In the Linux kernel, the following vulnerability has been resolved:

scsi: core: Fix possible memory leak if device_add() fails

If device_add() returns error, the name allocated by dev_set_name() needs
be freed. As the comment of device_add() says, put_device() should be used
to decrease the reference count in the error path. So fix this by calling
put_device(), then the name can be freed in kobject_cleanp().
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.26 < 4.14.323
LinuxLinux Kernel Version >= 4.15 < 4.19.292
LinuxLinux Kernel Version >= 4.20 < 5.4.254
LinuxLinux Kernel Version >= 5.5 < 5.10.191
LinuxLinux Kernel Version >= 5.11 < 5.15.127
LinuxLinux Kernel Version >= 5.16 < 6.1.46
LinuxLinux Kernel Version >= 6.2 < 6.4.11
LinuxLinux Kernel Version6.5 Updaterc1
LinuxLinux Kernel Version6.5 Updaterc2
LinuxLinux Kernel Version6.5 Updaterc3
LinuxLinux Kernel Version6.5 Updaterc4
LinuxLinux Kernel Version6.5 Updaterc5
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.041
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/63956ad27a6882f01fea7c69e17823090f4c7b3f
Patch
https://git.kernel.org/stable/c/06c5340858011aa1195aec43a776e3185fbf7f56
Patch
https://git.kernel.org/stable/c/e12fac07f61caac9c5b186d827658b3470787619
Patch
https://git.kernel.org/stable/c/aa9a76d5ffdecd3b52ac333eb89361b0c9fe04e8
Patch
https://git.kernel.org/stable/c/6bc7f4c8c27d526f968788b8a985896755b1df35
Patch
https://git.kernel.org/stable/c/b191ff1f075c4875f11271cbf0093e6e044a12aa
Patch
https://git.kernel.org/stable/c/43c0e16d0c5ec59398b405f4c4aa5a076e656c3f
Patch
https://git.kernel.org/stable/c/04b5b5cb0136ce970333a9c6cec7e46adba1ea3a
Patch