5.5

CVE-2023-53211

driver core: location: Free struct acpi_pld_info *pld before return false

In the Linux kernel, the following vulnerability has been resolved:

driver core: location: Free struct acpi_pld_info *pld before return false

struct acpi_pld_info *pld should be freed before the return of allocation
failure, to prevent memory leak, add the ACPI_FREE() to fix it.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.19 < 6.1.16
LinuxLinux Kernel Version >= 6.2 < 6.2.3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.14% 0.039
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/8fe72b8f59f63ca776bb8a4fcd2f406057a9fc90
Patch
https://git.kernel.org/stable/c/5a9de90951bbeaed775e4b8d1b16b4d359e82bf5
Patch
https://git.kernel.org/stable/c/0d150f967e8410e1e6712484543eec709356a65d
Patch