5.5
CVE-2024-27068
- EPSS 0.22%
- Veröffentlicht 01.05.2024 13:15:50
- Zuletzt bearbeitet 23.12.2024 14:25:40
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
thermal/drivers/mediatek/lvts_thermal: Fix a memory leak in an error handling path
In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/mediatek/lvts_thermal: Fix a memory leak in an error handling path If devm_krealloc() fails, then 'efuse' is leaking. So free it to avoid a leak.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.3 < 6.6.23
Linux ≫ Linux Kernel Version >= 6.7 < 6.7.11
Linux ≫ Linux Kernel Version >= 6.8 < 6.8.2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.22% | 0.128 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/2db869da91afd48e5b9ec76814709be49662b07d
https://git.kernel.org/stable/c/9b02197596671800dd934609384b1aca7c6ad218
https://git.kernel.org/stable/c/a37f3652bee468f879d35fe2da9ede3f1dcbb7be
https://git.kernel.org/stable/c/ca93bf607a44c1f009283dac4af7df0d9ae5e357