Lucene search

416baaa9-dc9f-4396-8d5f-8c081fb06d67NVD:CVE-2024-35972

HistoryMay 20, 2024 - 10:15 a.m.

CVE-2024-35972

2024-05-2010:15:12

CWE-401

416baaa9-dc9f-4396-8d5f-8c081fb06d67

web.nvd.nist.gov

linux kernel

vulnerability

memory leak

fix

bnxt_en

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

In the Linux kernel, the following vulnerability has been resolved:

bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init()

If ulp = kzalloc() fails, the allocated edev will leak because it is
not properly assigned and the cleanup path will not be able to free it.
Fix it by assigning it properly immediately after allocation.

Affected configurations

NVD

Node

linuxlinux_kernelRange5.5–5.10.216

linuxlinux_kernelRange5.11–5.15.158

linuxlinux_kernelRange5.16–6.1.87

linuxlinux_kernelRange6.2–6.6.28

linuxlinux_kernelRange6.7–6.8.7

References

git.kernel.org/stable/c/10a9d6a7513f93d7faffcb341af0aa42be8218fe

git.kernel.org/stable/c/7ac10c7d728d75bc9daaa8fade3c7a3273b9a9ff

git.kernel.org/stable/c/c60ed825530b8c0cc2b524efd39b1d696ec54004

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2024-35972