5.5

CVE-2023-53423

objtool: Fix memory leak in create_static_call_sections()

In the Linux kernel, the following vulnerability has been resolved:

objtool: Fix memory leak in create_static_call_sections()

strdup() allocates memory for key_name. We need to release the memory in
the following error paths. Add free() to avoid memory leak.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.10 < 5.10.173
LinuxLinux Kernel Version >= 5.11 < 5.15.100
LinuxLinux Kernel Version >= 5.16 < 6.1.18
LinuxLinux Kernel Version >= 6.2 < 6.2.5
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.14% 0.033
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/3a75866a5ceff5d4fdd5471e06c4c4d03e0298b3
Patch
https://git.kernel.org/stable/c/3da73f102309fe29150e5c35acd20dd82063ff67
Patch
https://git.kernel.org/stable/c/a1368eaea058e451d20ea99ca27e72d9df0d16dd
Patch
https://git.kernel.org/stable/c/a8f63d747bf7c983882a5ea7456a5f84ad3acad5
Patch
https://git.kernel.org/stable/c/d131718d9c45d559951f57c4b88209ca407433c4
Patch