5.5

CVE-2023-53518

PM / devfreq: Fix leak in devfreq_dev_release()

In the Linux kernel, the following vulnerability has been resolved:

PM / devfreq: Fix leak in devfreq_dev_release()

srcu_init_notifier_head() allocates resources that need to be released
with a srcu_cleanup_notifier_head() call.

Reported by kmemleak.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.7 < 4.14.326
LinuxLinux Kernel Version >= 4.15 < 4.19.295
LinuxLinux Kernel Version >= 4.20 < 5.4.257
LinuxLinux Kernel Version >= 5.5 < 5.10.195
LinuxLinux Kernel Version >= 5.11 < 5.15.132
LinuxLinux Kernel Version >= 5.16 < 6.1.53
LinuxLinux Kernel Version >= 6.2 < 6.4.16
LinuxLinux Kernel Version >= 6.5 < 6.5.3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.14% 0.036
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/111bafa210ae546bee7644be730c42df9c35b66e
Patch
https://git.kernel.org/stable/c/1640e9c72173911ad0fddb05012c01eafe082c4e
Patch
https://git.kernel.org/stable/c/29811f4b8255d4238cf326f3bb7129784766beab
Patch
https://git.kernel.org/stable/c/3354c401c68d70567d1ef25d12f4e22a7813a3c6
Patch
https://git.kernel.org/stable/c/5693d077595de721f9ddbf9d37f40e5409707dfe
Patch
https://git.kernel.org/stable/c/64e6e0dc2d578c0a9e31cb4edd719f0a3ed98f6d
Patch
https://git.kernel.org/stable/c/7462483446cb9986568ad7adae746ce5f18d2968
Patch
https://git.kernel.org/stable/c/8918025feb2f5f7c73f2495c158f22997e25cb02
Patch
https://git.kernel.org/stable/c/ab192e5e5d3b48415909a8408acfd007a607bcc0
Patch