5.5

CVE-2023-53568

s390/zcrypt: don't leak memory if dev_set_name() fails

In the Linux kernel, the following vulnerability has been resolved:

s390/zcrypt: don't leak memory if dev_set_name() fails

When dev_set_name() fails, zcdn_create() doesn't free the newly
allocated resources. Do it.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.20 < 5.4.257
LinuxLinux Kernel Version >= 5.5 < 5.10.195
LinuxLinux Kernel Version >= 5.11 < 5.15.132
LinuxLinux Kernel Version >= 5.16 < 6.1.54
LinuxLinux Kernel Version >= 6.2 < 6.5.4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.14% 0.034
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/6b0cb9c055843777b374309503d89eabeb769355
Patch
https://git.kernel.org/stable/c/0878052579cb2773caee64812a811edcab6b5a55
Patch
https://git.kernel.org/stable/c/131cd74a8e38d75239f2c81dfee53d6554eb8bf8
Patch
https://git.kernel.org/stable/c/147d8da33a2c2195ec63acd56cd7d80a3458c253
Patch
https://git.kernel.org/stable/c/174f11ef1615ec3ab1e2189685864433c0d855a2
Patch
https://git.kernel.org/stable/c/6252f47b78031979ad919f971dc8468b893488bd
Patch