5.5
CVE-2024-56546
- EPSS 0.21%
- Veröffentlicht 27.12.2024 14:15:34
- Zuletzt bearbeitet 03.11.2025 21:17:53
- CVE-Watchlists
- Unerledigt
drivers: soc: xilinx: add the missing kfree in xlnx_add_cb_for_suspend()
In the Linux kernel, the following vulnerability has been resolved: drivers: soc: xilinx: add the missing kfree in xlnx_add_cb_for_suspend() If we fail to allocate memory for cb_data by kmalloc, the memory allocation for eve_data is never freed, add the missing kfree() in the error handling path.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.19 < 6.1.120
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.64
Linux ≫ Linux Kernel Version >= 6.7 < 6.11.11
Linux ≫ Linux Kernel Version >= 6.12 < 6.12.2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.21% | 0.115 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/272168927f38bda46f6c1ed5f40de97689e7a5d2
https://git.kernel.org/stable/c/44ed4f90a97ff6f339e50ac01db71544e0990efc
https://git.kernel.org/stable/c/584d420771e1ad2bb74e19a19da8ae0fee0a6e1f
https://git.kernel.org/stable/c/5a3bda42394ff137eb2d3d3d20d2956a8c6e9237
https://git.kernel.org/stable/c/882d7afaa4b82c20a7be7a3a039532a80ebacd23
https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html