5.5

CVE-2024-35972

bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init()

In the Linux kernel, the following vulnerability has been resolved:

bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init()

If ulp = kzalloc() fails, the allocated edev will leak because it is
not properly assigned and the cleanup path will not be able to free it.
Fix it by assigning it properly immediately after allocation.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.5 < 5.10.216
LinuxLinux Kernel Version >= 5.11 < 5.15.158
LinuxLinux Kernel Version >= 5.16 < 6.1.87
LinuxLinux Kernel Version >= 6.2 < 6.6.28
LinuxLinux Kernel Version >= 6.7 < 6.8.7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.129
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/10a9d6a7513f93d7faffcb341af0aa42be8218fe
Patch
https://git.kernel.org/stable/c/7ac10c7d728d75bc9daaa8fade3c7a3273b9a9ff
Patch
https://git.kernel.org/stable/c/c60ed825530b8c0cc2b524efd39b1d696ec54004
Patch