search

hshivhare67 / Kernel_4.1.15_CVE-2020-25668

Other
0 stars 0 forks source link

WS-2021-0278 (Medium) detected in linuxlinux-4.1.18, linuxlinux-4.1.18 #959

Open mend-bolt-for-github[bot] opened 10 months ago

mend-bolt-for-github[bot] commented 10 months ago

WS-2021-0278 - Medium Severity Vulnerability

Vulnerable Libraries - linuxlinux-4.1.18, linuxlinux-4.1.18

Vulnerability Details

Linux Kernel in versions v3.3 to v5.12.9 caif_enroll_dev() can fail in some cases. Ignoring these cases can lead to memory leak due to not assigning link_support pointer to anywhere

Publish Date: 2021-06-25

URL: WS-2021-0278

CVSS 3 Score Details (6.2)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: High - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: Low - Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://osv.dev/vulnerability/UVI-2021-1000712

Release Date: 2021-06-25

Fix Resolution: v4.4.272

Step up your Open Source Security Game with Mend here

mend-bolt-for-github[bot] commented 6 months ago

:heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.