CVE-2024-56747

Medium CVSS 5.5

Overview

In the Linux kernel, the following vulnerability has been resolved:

scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb()

Hook "qedi_ops->common->sb_init = qed_sb_init" does not release the DMA
memory sb_virt when it fails. Add dma_free_coherent() to free it. This
is the same way as qedr_alloc_mem_sb() and qede_alloc_mem_sb().

CWE: CWE-401 Published: 2024-12-29T12:15:08.183

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 5.5 (MEDIUM)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags