Note:
This project will be discontinued after December 13, 2021. [more]
2019-11-18
A memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering ca8210_get_platform_data() failures, aka CID-6402939ec86e.
Products | Ubuntu_linux, Linux_kernel |
Type | Improper Release of Memory Before Removing Last Reference (CWE-401) |
First patch | - None (likely due to unavailable code) |
Patches | https://github.com/torvalds/linux/commit/6402939ec86eaf226c8b8ae00ed983936b164908 |
Links |
• https://usn.ubuntu.com/4208-1/
• https://usn.ubuntu.com/4210-1/ • https://security.netapp.com/advisory/ntap-20191205-0001/ • https://usn.ubuntu.com/4226-1/ • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.8 |