5.5
CVE-2024-56747
- EPSS 0.23%
- Veröffentlicht 29.12.2024 12:15:08
- Zuletzt bearbeitet 03.11.2025 21:18:26
- CVE-Watchlists
- Unerledigt
scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb()
In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb() Hook "qedi_ops->common->sb_init = qed_sb_init" does not release the DMA memory sb_virt when it fails. Add dma_free_coherent() to free it. This is the same way as qedr_alloc_mem_sb() and qede_alloc_mem_sb().
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.10 < 4.19.325
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.287
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.231
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.174
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.120
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.64
Linux ≫ Linux Kernel Version >= 6.7 < 6.11.11
Linux ≫ Linux Kernel Version >= 6.12 < 6.12.2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.13 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 3.3 | 1.8 | 1.4 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/10a6fc486ac40a410f0fb84cc15161238eccd20a
https://git.kernel.org/stable/c/20b775cf274cfbfa3da871a1108877e17b8b19e1
https://git.kernel.org/stable/c/4e48e5b26b3edc0e1dd329201ffc924a7a1f9337
https://git.kernel.org/stable/c/95bbdca4999bc59a72ebab01663d421d6ce5775d
https://git.kernel.org/stable/c/a4d2011cbe039b25024831427b60ab91ee247066
https://git.kernel.org/stable/c/b778b5240485106abf665eb509cc01779ed0cb00
https://git.kernel.org/stable/c/bb8b45883eb072adba297922b67d1467082ac880
https://git.kernel.org/stable/c/cfc76acaf2c4b43d1e140f1e4cbde15adb540bc5
https://git.kernel.org/stable/c/eaf92fad1f21be63427920c12f22227e5f757424
https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html