5.5

CVE-2023-53512

scsi: mpt3sas: Fix a memory leak

In the Linux kernel, the following vulnerability has been resolved:

scsi: mpt3sas: Fix a memory leak

Add a forgotten kfree().
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.16 < 5.10.173
LinuxLinux Kernel Version >= 5.11 < 5.15.99
LinuxLinux Kernel Version >= 5.16 < 6.1.16
LinuxLinux Kernel Version >= 6.2 < 6.2.3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.14% 0.033
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/28137ea3eb05a87329a7154a8ff410d9e8bcc0a5
Patch
https://git.kernel.org/stable/c/30c7c72b6cf9d8c95f9b219c9d2e4e31b15bebe5
Patch
https://git.kernel.org/stable/c/378cc0eec4aa546ce1ae17515e2dfab719d4fb1e
Patch
https://git.kernel.org/stable/c/54dd96015e8d7a2a07359e2dfebf05b529d1780c
Patch
https://git.kernel.org/stable/c/847cdbdcd5a24c1eec9595161a23b88fef91ff42
Patch