5.5

CVE-2024-27076

media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak

In the Linux kernel, the following vulnerability has been resolved:

media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak

Free the memory allocated in v4l2_ctrl_handler_init on release.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.4 < 5.4.273
LinuxLinux Kernel Version >= 5.5 < 5.10.214
LinuxLinux Kernel Version >= 5.11 < 5.15.153
LinuxLinux Kernel Version >= 5.16 < 6.1.83
LinuxLinux Kernel Version >= 6.2 < 6.6.23
LinuxLinux Kernel Version >= 6.7 < 6.7.11
LinuxLinux Kernel Version >= 6.8 < 6.8.2
DebianDebian Linux Version10.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.29% 0.203
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
Mailing List
https://git.kernel.org/stable/c/42492b00156c03a79fd4851190aa63045d6a15ce
Patch
https://git.kernel.org/stable/c/4797a3dd46f220e6d83daf54d70c5b33db6deb01
Patch
https://git.kernel.org/stable/c/5d9fe604bf9b5b09d2215225df55f22a4cbbc684
Patch
https://git.kernel.org/stable/c/6c92224721a439d6350db5933a1060768dcd565e
Patch
https://git.kernel.org/stable/c/8c2e4efe1278cd2b230cdbf90a6cefbf00acc282
Patch
https://git.kernel.org/stable/c/8df9a3c7044b847e9c4dc7e683fd64c6b873f328
Patch
https://git.kernel.org/stable/c/b1d0eebaf87cc9ccd05f779ec4a0589f95d6c18b
Patch
https://git.kernel.org/stable/c/d164ddc21e986dd9ad614b4b01746e5457aeb24f
Patch
https://cert-portal.siemens.com/productcert/html/ssa-265688.html