5.5
CVE-2024-35972
- EPSS 0.23%
- Veröffentlicht 20.05.2024 10:15:12
- Zuletzt bearbeitet 21.11.2024 09:21:19
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init()
In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init() If ulp = kzalloc() fails, the allocated edev will leak because it is not properly assigned and the cleanup path will not be able to free it. Fix it by assigning it properly immediately after allocation.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.216
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.158
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.87
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.28
Linux ≫ Linux Kernel Version >= 6.7 < 6.8.7
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.129 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/10a9d6a7513f93d7faffcb341af0aa42be8218fe
https://git.kernel.org/stable/c/7ac10c7d728d75bc9daaa8fade3c7a3273b9a9ff
https://git.kernel.org/stable/c/c60ed825530b8c0cc2b524efd39b1d696ec54004