-
CVE-2023-54022
- EPSS 0.04%
- Veröffentlicht 24.12.2025 10:55:52
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
ALSA: usb-audio: Fix potential memory leaks at error path for UMP open
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential memory leaks at error path for UMP open The allocation and initialization errors at alloc_midi_urbs() that is called at MIDI 2.0 / UMP device are supposed to be handled at the caller side by invoking free_midi_urbs(). However, free_midi_urbs() loops only for ep->num_urbs entries, and since ep->num_entries wasn't updated yet at the allocation / init error in alloc_midi_urbs(), this entry won't be released. The intention of free_midi_urbs() is to release the whole elements, so change the loop size to NUM_URBS to scan over all elements for fixing the missed releases. Also, the call of free_midi_urbs() is missing at snd_usb_midi_v2_open(). Although it'll be released later at reopen/close or disconnection, it's better to release immediately at the error path.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version
ff49d1df79aef7580fe3ac99d17c3f886655d080
Version <
f819b343aa95d24d5f7d6e06660c7f62591abc5f
Status
affected
Version
ff49d1df79aef7580fe3ac99d17c3f886655d080
Version <
b1757fa30ef14f254f4719bf6f7d54a4c8207216
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
6.5
Status
affected
Version
0
Version <
6.5
Status
unaffected
Version <=
6.5.*
Version
6.5.3
Status
unaffected
Version <=
*
Version
6.6
Status
unaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.104 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|