5.5

CVE-2023-53546

net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx

when mlx5_cmd_exec failed in mlx5dr_cmd_create_reformat_ctx, the memory
pointed by 'in' is not released, which will cause memory leak. Move memory
release after mlx5_cmd_exec.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.4 < 5.4.253
LinuxLinux Kernel Version >= 5.5 < 5.10.190
LinuxLinux Kernel Version >= 5.11 < 5.15.126
LinuxLinux Kernel Version >= 5.16 < 6.1.45
LinuxLinux Kernel Version >= 6.2 < 6.4.10
LinuxLinux Kernel Version6.5 Updaterc1
LinuxLinux Kernel Version6.5 Updaterc2
LinuxLinux Kernel Version6.5 Updaterc3
LinuxLinux Kernel Version6.5 Updaterc4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.043
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/800d8c96bf997da5eb76ccf8d88795c4231c83fb
Patch
https://git.kernel.org/stable/c/165159854757dbae0dfd1812b27051da35aa6223
Patch
https://git.kernel.org/stable/c/00cecb0a8f9e7a21754d5ad85813ab6b47b3308f
Patch
https://git.kernel.org/stable/c/3169c3854397f3070a63b1b772db16dcb8cba7b4
Patch
https://git.kernel.org/stable/c/622d71d99124e69f7bf2e2b7a89f5f444a24d235
Patch
https://git.kernel.org/stable/c/5dd77585dd9d0e03dd1bceb95f0269a7eaf6b936
Patch