5.5

CVE-2023-53196

usb: dwc3: qcom: Fix potential memory leak

In the Linux kernel, the following vulnerability has been resolved:

usb: dwc3: qcom: Fix potential memory leak

Function dwc3_qcom_probe() allocates memory for resource structure
which is pointed by parent_res pointer. This memory is not
freed. This leads to memory leak. Use stack memory to prevent
memory leak.

Found by Linux Verification Center (linuxtesting.org) with SVACE.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.3 < 5.4.251
LinuxLinux Kernel Version >= 5.5 < 5.10.188
LinuxLinux Kernel Version >= 5.11 < 5.15.121
LinuxLinux Kernel Version >= 5.16 < 6.1.39
LinuxLinux Kernel Version >= 6.2 < 6.4.4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.041
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/648a163cff21ea355c8765e882ba8bf66a870a3e
Patch
https://git.kernel.org/stable/c/74f8606ddfa450d2255b4e61472a7632def1e8c4
Patch
https://git.kernel.org/stable/c/b626cd5e4a87a281629e0c2b07519990077c0fbe
Patch
https://git.kernel.org/stable/c/c3b322b84ab5dda7eaca9ded763628b7467734f4
Patch
https://git.kernel.org/stable/c/134a7d4642f11daed6bbc378f930a54dd0322291
Patch
https://git.kernel.org/stable/c/097fb3ee710d4de83b8d4f5589e8ee13e0f0541e
Patch