Note:
This project will be discontinued after December 13, 2021. [more]
2019-11-18
A memory leak in the nfp_abm_u32_knode_replace() function in drivers/net/ethernet/netronome/nfp/abm/cls.c in the Linux kernel before 5.3.6 allows attackers to cause a denial of service (memory consumption), aka CID-78beef629fd9. NOTE: This has been argued as not a valid vulnerability. The upstream commit 78beef629fd9 was reverted
| Products | Ubuntu_linux, Linux_kernel, Enterprise_linux |
| Type | Improper Release of Memory Before Removing Last Reference (CWE-401) |
| First patch | - None (likely due to unavailable code) |
| Patches | https://github.com/torvalds/linux/commit/78beef629fd95be4ed853b2d37b832f766bd96ca |
| Links |
• https://lore.kernel.org/lkml/20191204103955.63c4d9af%40cakuba.netronome.com/
• https://git.kernel.org/linus/1d1997db870f4058676439ef7014390ba9e24eb2 • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.6 • https://security.netapp.com/advisory/ntap-20191205-0001/ • https://usn.ubuntu.com/4209-1/ |