5.5

CVE-2023-53579

gpio: mvebu: fix irq domain leak

In the Linux kernel, the following vulnerability has been resolved:

gpio: mvebu: fix irq domain leak

Uwe Kleine-König pointed out we still have one resource leak in the mvebu
driver triggered on driver detach. Let's address it with a custom devm
action.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 3.16.40 < 3.17
LinuxLinux Kernel Version >= 4.8.9 < 4.9
LinuxLinux Kernel Version >= 4.9.1 < 5.15.124
LinuxLinux Kernel Version >= 5.16 < 6.1.43
LinuxLinux Kernel Version >= 6.2 < 6.4.8
LinuxLinux Kernel Version4.9 Update-
LinuxLinux Kernel Version4.9 Updaterc4
LinuxLinux Kernel Version4.9 Updaterc5
LinuxLinux Kernel Version4.9 Updaterc6
LinuxLinux Kernel Version4.9 Updaterc7
LinuxLinux Kernel Version4.9 Updaterc8
LinuxLinux Kernel Version6.5 Updaterc1
LinuxLinux Kernel Version6.5 Updaterc2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.14% 0.035
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/b19e90521286a03bc3793fd598f20277a8f99c85
Patch
https://git.kernel.org/stable/c/44e2afbf650f3264519643fcc9e6b4d2f6e8d547
Patch
https://git.kernel.org/stable/c/d9b791d8362359d241b4e8f4b4767c681ffdb6ef
Patch
https://git.kernel.org/stable/c/644ee70267a934be27370f9aa618b29af7290544
Patch