5.5

CVE-2023-53195

mlxsw: minimal: fix potential memory leak in mlxsw_m_linecards_init

In the Linux kernel, the following vulnerability has been resolved:

mlxsw: minimal: fix potential memory leak in mlxsw_m_linecards_init

The line cards array is not freed in the error path of
mlxsw_m_linecards_init(), which can lead to a memory leak. Fix by
freeing the array in the error path, thereby making the error path
identical to mlxsw_m_linecards_fini().
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.1 < 6.1.39
LinuxLinux Kernel Version >= 6.2 < 6.4.4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.14% 0.039
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/d4f5b1dd816dccd4ee6bb60b2a81a3d4373636a9
Patch
https://git.kernel.org/stable/c/cd716022c968bc6748f23708b986f845b45791b7
Patch
https://git.kernel.org/stable/c/08fc75735fda3be97194bfbf3c899c87abb3d0fe
Patch