5.5

CVE-2024-27077

media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity

In the Linux kernel, the following vulnerability has been resolved:

media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity

The entity->name (i.e. name) is allocated in v4l2_m2m_register_entity
but isn't freed in its following error-handling paths. This patch
adds such deallocation to prevent memleak of entity->name.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.19 < 4.19.311
LinuxLinux Kernel Version >= 4.20 < 5.4.273
LinuxLinux Kernel Version >= 5.5 < 5.10.214
LinuxLinux Kernel Version >= 5.11 < 5.15.153
LinuxLinux Kernel Version >= 5.16 < 6.1.83
LinuxLinux Kernel Version >= 6.2 < 6.6.23
LinuxLinux Kernel Version >= 6.7 < 6.7.11
LinuxLinux Kernel Version >= 6.8 < 6.8.2
DebianDebian Linux Version10.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.29% 0.203
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
Patch
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
Patch
https://git.kernel.org/stable/c/0175f2d34c85744f9ad6554f696cf0afb5bd04e4
Patch
https://git.kernel.org/stable/c/0c9550b032de48d6a7fa6a4ddc09699d64d9300d
Patch
https://git.kernel.org/stable/c/3dd8abb0ed0e0a7c66d6d677c86ccb188cc39333
Patch
https://git.kernel.org/stable/c/5dc319cc3c4f7b74f7dfba349aa26f87efb52458
Patch
https://git.kernel.org/stable/c/8f94b49a5b5d386c038e355bef6347298aabd211
Patch
https://git.kernel.org/stable/c/90029b9c979b60de5cb2b70ade4bbf61d561bc5d
Patch
https://git.kernel.org/stable/c/9c23ef30e840fedc66948299509f6c2777c9cf4f
Patch
https://git.kernel.org/stable/c/afd2a82fe300032f63f8be5d6cd6981e75f8bbf2
Patch
https://git.kernel.org/stable/c/dc866b69cc51af9b8509b4731b8ce2a4950cd0ef
Patch
https://cert-portal.siemens.com/productcert/html/ssa-265688.html