5.5

CVE-2023-53449

s390/dasd: Fix potential memleak in dasd_eckd_init()

In the Linux kernel, the following vulnerability has been resolved:

s390/dasd: Fix potential memleak in dasd_eckd_init()

`dasd_reserve_req` is allocated before `dasd_vol_info_req`, and it
also needs to be freed before the error returns, just like the other
cases in this function.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.3 < 5.4.235
LinuxLinux Kernel Version >= 5.5 < 5.10.173
LinuxLinux Kernel Version >= 5.11 < 5.15.99
LinuxLinux Kernel Version >= 5.16 < 6.1.16
LinuxLinux Kernel Version >= 6.2 < 6.2.3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.042
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/460e9bed82e49db1b823dcb4e421783854d86c40
Patch
https://git.kernel.org/stable/c/544a552be0869231799784279d52704c4d314d33
Patch
https://git.kernel.org/stable/c/a50e28d433acf22258f9f34831057387f04ef074
Patch
https://git.kernel.org/stable/c/aede5230d154b6b237985ec9df7ebbd1dce96810
Patch
https://git.kernel.org/stable/c/ee986d80acdef710a886be404308188ea11000c8
Patch
https://git.kernel.org/stable/c/ef3a7ffc0a6f833578bc8d1dcb79d0633c7e4ec3
Patch