5.5

CVE-2023-53330

caif: fix memory leak in cfctrl_linkup_request()

In the Linux kernel, the following vulnerability has been resolved:

caif: fix memory leak in cfctrl_linkup_request()

When linktype is unknown or kzalloc failed in cfctrl_linkup_request(),
pkt is not released. Add release process to error path.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.35 < 4.14.303
LinuxLinux Kernel Version >= 4.15 < 4.19.270
LinuxLinux Kernel Version >= 4.20 < 5.4.229
LinuxLinux Kernel Version >= 5.5 < 5.10.163
LinuxLinux Kernel Version >= 5.11 < 5.15.87
LinuxLinux Kernel Version >= 5.16 < 6.0.19
LinuxLinux Kernel Version >= 6.1 < 6.1.5
LinuxLinux Kernel Version6.2 Updaterc1
LinuxLinux Kernel Version6.2 Updaterc2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.14% 0.033
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/badea57569db04b010e922e29a7aaf40a979a70b
Patch
https://git.kernel.org/stable/c/3acf3783a84cbdf0c9f8cf2f32ee9c49af93a2da
Patch
https://git.kernel.org/stable/c/33df9c5d5e2a18c70f5f5f3c2757d654c1b6ffa3
Patch
https://git.kernel.org/stable/c/84b2cc7b36b7f6957d307fb3d01603f93cb2d655
Patch
https://git.kernel.org/stable/c/dc1bc903970bdf63ca40ab923d3ccb765da9a8d9
Patch
https://git.kernel.org/stable/c/1dddeceb26002cfea4c375e92ac6498768dc7349
Patch
https://git.kernel.org/stable/c/3ad47c8aa5648226184415e4a0cb1bf67ffbfd48
Patch
https://git.kernel.org/stable/c/fe69230f05897b3de758427b574fc98025dfc907
Patch