CVE-2024-56748
MEDIUM
5,5
Source: [email protected]
Attack Vector: local
Attack Complexity: low
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: high
Description
AI Translation Available
In the Linux kernel, the following vulnerability has been resolved:
scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb()
Hook 'qed_ops->common->sb_init = qed_sb_init' does not release the DMA
memory sb_virt when it fails. Add dma_free_coherent() to free it. This
is the same way as qedr_alloc_mem_sb() and qede_alloc_mem_sb().
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,0005
Percentile
0,2th
Updated
EPSS Score Trend (Last 90 Days)
401
Missing Release of Memory after Effective Lifetime
DraftCommon Consequences
Security Scopes Affected:
Availability
Other
Potential Impacts:
Dos: Crash, Exit, Or Restart
Dos: Instability
Dos: Resource Consumption (Cpu)
Dos: Resource Consumption (Memory)
Reduce Performance
Applicable Platforms
Languages:
C, C++, Not Language-Specific
Operating System
Linux Kernel by Linux
Version Range Affected
From
5.16
(inclusive)
To
6.1.120
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Kernel by Linux
Version Range Affected
From
6.7
(inclusive)
To
6.11.11
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Kernel by Linux
Version Range Affected
From
5.11
(inclusive)
To
5.15.174
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Kernel by Linux
Version Range Affected
From
4.11
(inclusive)
To
5.4.287
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Kernel by Linux
Version Range Affected
From
5.5
(inclusive)
To
5.10.231
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Kernel by Linux
Version Range Affected
From
6.2
(inclusive)
To
6.6.64
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Kernel by Linux
Version Range Affected
From
6.12
(inclusive)
To
6.12.2
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://git.kernel.org/stable/c/0e04bd5a11dffe8c1c0e4c9fc79f7d3cd6182dd5
https://git.kernel.org/stable/c/64654bf5efb3f748e6fc41227adda689618ce9c4
https://git.kernel.org/stable/c/78a169dc69fbdaf114c40e2d56955bf6bd4fc3c0
https://git.kernel.org/stable/c/7c1832287b21ff68c4e3625e63cc7619edf5908b
https://git.kernel.org/stable/c/97384449ddfc07f12ca75f510eb070020d7abb34
https://git.kernel.org/stable/c/a56777a3ef5b35e24a20c4418bcf88bad033807a
https://git.kernel.org/stable/c/b514f45e0fe18d763a1afc34401b1585333cb329
https://git.kernel.org/stable/c/c62c30429db3eb4ced35c7fcf6f04a61ce3a01bb
https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html