5.5
CVE-2024-38632
- EPSS 0.22%
- Veröffentlicht 21.06.2024 11:15:11
- Zuletzt bearbeitet 03.11.2025 22:17:02
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
vfio/pci: fix potential memory leak in vfio_intx_enable()
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: fix potential memory leak in vfio_intx_enable() If vfio_irq_ctx_alloc() failed will lead to 'name' memory leak.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.6.24 < 6.6.33
Linux ≫ Linux Kernel Version >= 6.9 < 6.9.4
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.22% | 0.123 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/0bd22a4966d55f1d2c127a53300d5c2b50152376
https://git.kernel.org/stable/c/35fef97c33f3d3ca0455f9a8e2a3f2c1f8cc9140
https://git.kernel.org/stable/c/82b951e6fbd31d85ae7f4feb5f00ddd4c5d256e2
https://git.kernel.org/stable/c/91ced077db2062604ec270b1046f8337e9090079
https://git.kernel.org/stable/c/a6d810554d7d9d07041f14c5fcd453f3d3fed594
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html