5.5

CVE-2023-53435

cassini: Fix a memory leak in the error handling path of cas_init_one()

In the Linux kernel, the following vulnerability has been resolved:

cassini: Fix a memory leak in the error handling path of cas_init_one()

cas_saturn_firmware_init() allocates some memory using vmalloc(). This
memory is freed in the .remove() function but not it the error handling
path of the probe.

Add the missing vfree() to avoid a memory leak, should an error occur.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.28 < 4.14.316
LinuxLinux Kernel Version >= 4.15 < 4.19.284
LinuxLinux Kernel Version >= 4.20 < 5.4.244
LinuxLinux Kernel Version >= 5.5 < 5.10.181
LinuxLinux Kernel Version >= 5.11 < 5.15.113
LinuxLinux Kernel Version >= 5.16 < 6.1.30
LinuxLinux Kernel Version >= 6.2 < 6.3.4
LinuxLinux Kernel Version6.4 Updaterc1
LinuxLinux Kernel Version6.4 Updaterc2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.14% 0.033
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/11c0ed097a874156957b515d0ba7e356142eab87
Patch
https://git.kernel.org/stable/c/172146c26f0c1b86ab4e9ebffc7e06f04229fa17
Patch
https://git.kernel.org/stable/c/234e744d86bd95b381d24546df2dba72804e0219
Patch
https://git.kernel.org/stable/c/412cd77a2c24b191c65ea53025222418db09817c
Patch
https://git.kernel.org/stable/c/60d8e8b88087d68e10c8991a0f6733fa2f963ff0
Patch
https://git.kernel.org/stable/c/b8b1a667744741fa7807b09a12797a27f14f3fac
Patch
https://git.kernel.org/stable/c/dc61f7582cc92d547d02e141cd66f5d1f4ed8012
Patch
https://git.kernel.org/stable/c/e20105d967ab5b53ff50a0e5991fe37324d2ba20
Patch