5.5
CVE-2023-53255
- EPSS 0.14%
- Veröffentlicht 15.09.2025 14:46:27
- Zuletzt bearbeitet 14.01.2026 18:16:38
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
firmware: stratix10-svc: Fix a potential resource leak in svc_create_memory_pool()
In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-svc: Fix a potential resource leak in svc_create_memory_pool() svc_create_memory_pool() is only called from stratix10_svc_drv_probe(). Most of resources in the probe are managed, but not this memremap() call. There is also no memunmap() call in the file. So switch to devm_memremap() to avoid a resource leak.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.0 < 5.4.251
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.188
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.121
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.40
Linux ≫ Linux Kernel Version >= 6.2 < 6.4.5
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.14% | 0.033 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/e3373e6b6c79aff698442b00d20c9f285d296e46
https://git.kernel.org/stable/c/c04ed61ebf01968d7699b121663982493ed577fb
https://git.kernel.org/stable/c/974ac045a05ad12a0b4578fb303f00dcc22f3aba
https://git.kernel.org/stable/c/cb8a31a56df8492fb0d900959238e1a3ff8b8981
https://git.kernel.org/stable/c/7363de081c793e47866cb54ce7cb8a480cffc259
https://git.kernel.org/stable/c/1995f15590ca222f91193ed11461862b450abfd6