Note:
This project will be discontinued after December 13, 2021. [more]
2019-12-30
mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did not free allocated hostcmd memory, aka CID-003b686ace82. This will cause a memory leak and denial of service.
| Products | Linux_kernel, 8300_firmware, 8700_firmware, A400_firmware, A700s_firmware, Active_iq_unified_manager, Cloud_backup, Data_availability_services, E\-Series_santricity_os_controller, H610s_firmware, Hci_management_node, Solidfire, Steelstore_cloud_integrated_storage, Leap |
| Type | Improper Release of Memory Before Removing Last Reference (CWE-401) |
| First patch | - None (likely due to unavailable code) |
| Links |
• https://security.netapp.com/advisory/ntap-20200204-0002/
• https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.6 • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=003b686ace820ce2d635a83f10f2d7f9c147dabc |