5.5

CVE-2023-53290

samples/bpf: Fix fout leak in hbm's run_bpf_prog

In the Linux kernel, the following vulnerability has been resolved:

samples/bpf: Fix fout leak in hbm's run_bpf_prog

Fix fout being fopen'ed but then not subsequently fclose'd. In the affected
branch, fout is otherwise going out of scope.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.1 < 5.4.244
LinuxLinux Kernel Version >= 5.5 < 5.10.181
LinuxLinux Kernel Version >= 5.11 < 5.15.113
LinuxLinux Kernel Version >= 5.16 < 6.1.30
LinuxLinux Kernel Version >= 6.2 < 6.3.4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.14% 0.033
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/a7ec2f424f6edad34651137783a0a59eca9aa37e
Patch
https://git.kernel.org/stable/c/7560ed6592ff4077528c239c71e91b19de985b97
Patch
https://git.kernel.org/stable/c/e3e6e252d74f20f6fc610c7fef3ae7dda0109a6f
Patch
https://git.kernel.org/stable/c/f2065b8b0a215bc6aa061287a2e3d9eab2446422
Patch
https://git.kernel.org/stable/c/edf37bc8b03d3f948e679b2fd2d14464495f5d1b
Patch
https://git.kernel.org/stable/c/23acb14af1914010dd0aae1bbb7fab28bf518b8e
Patch