Описание
In the Linux kernel, the following vulnerability has been resolved:
net: wwan: iosm: fix memory leak in ipc_pcie_read_bios_cfg
ipc_pcie_read_bios_cfg() is using the acpi_evaluate_dsm() to
obtain the wwan power state configuration from BIOS but is
not freeing the acpi_object. The acpi_evaluate_dsm() returned
acpi_object to be freed.
Free the acpi_object after use.
A flaw was found in the Linux kernel's iosm module. A memory leak can occur due to a missing memory release of memory used to read power state configuration from BIOS, potentially impacting system performance and resulting in a denial of service.
Отчет
The iosm module is not built in the Linux kernel as shipped in Red Hat Enterprise Linux 6, 7 and 8, so these Red Hat Enterprise Linux versions are not affected by this vulnerability. The iosm module as shipped in Red Hat Enterprise Linux 10 is not affected by this vulnerability because the vulnerable code is not present. This issue has been fixed in Red Hat Enterprise Linux 9.3 via RHSA-2023:6583 [1]. [1]. https://access.redhat.com/errata/RHSA-2023:6583
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | kernel | Not affected | ||
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Not affected | ||
| Red Hat Enterprise Linux 8 | kernel | Not affected | ||
| Red Hat Enterprise Linux 8 | kernel-rt | Not affected | ||
| Red Hat Enterprise Linux 9 | kernel-rt | Fix deferred | ||
| Red Hat Enterprise Linux 9 | kernel | Fixed | RHSA-2023:6583 | 07.11.2023 |
| Red Hat Enterprise Linux 9 | kernel | Fixed | RHSA-2023:6583 | 07.11.2023 |
Показывать по
Дополнительная информация
Статус:
5.5 Medium
CVSS3
Связанные уязвимости
In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: fix memory leak in ipc_pcie_read_bios_cfg ipc_pcie_read_bios_cfg() is using the acpi_evaluate_dsm() to obtain the wwan power state configuration from BIOS but is not freeing the acpi_object. The acpi_evaluate_dsm() returned acpi_object to be freed. Free the acpi_object after use.
In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: fix memory leak in ipc_pcie_read_bios_cfg ipc_pcie_read_bios_cfg() is using the acpi_evaluate_dsm() to obtain the wwan power state configuration from BIOS but is not freeing the acpi_object. The acpi_evaluate_dsm() returned acpi_object to be freed. Free the acpi_object after use.
In the Linux kernel, the following vulnerability has been resolved: n ...
In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: fix memory leak in ipc_pcie_read_bios_cfg ipc_pcie_read_bios_cfg() is using the acpi_evaluate_dsm() to obtain the wwan power state configuration from BIOS but is not freeing the acpi_object. The acpi_evaluate_dsm() returned acpi_object to be freed. Free the acpi_object after use.
5.5 Medium
CVSS3