In the Linux kernel, the following vulnerability has been resolved: net: altera-tse: fix skb leak on DMA mapping error in tse_start_xmit() When dma_map_single() fails in tse_start_xmit(), the function returns NETDEV_TX_OK without freeing the skb. Since NETDEV_TX_OK tells the stack the packet was consumed, the skb is never freed, leaking memory on every DMA mapping failure. Add dev_kfree_skb_any() before returning to properly free the skb.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
| Attack Vector | LOCAL |
|---|---|
| Attack Complexity | LOW |
| Privileges Required | LOW |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | NONE |
| Integrity Impact | NONE |
| Availability Impact | HIGH |
| Source | Type | Description |
|---|---|---|
| [email protected] | Primary |
en
CWE-401
|
| Vendor | Product | Version | Update | Type |
|---|---|---|---|---|
| linux | linux_kernel | * | <built-in method update of dict object at 0x702b403284c0> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bcbbf7e40> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bdd607780> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702b4032a980> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702b40329ec0> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702b4032b780> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bdd152d40> | Operating System |
| linux | linux_kernel | 3.15 | <built-in method update of dict object at 0x702bcbbf77c0> | Operating System |
| linux | linux_kernel | 7.0 | <built-in method update of dict object at 0x702bdd6061c0> | Operating System |
| linux | linux_kernel | 7.0 | <built-in method update of dict object at 0x702b4032aec0> | Operating System |
| linux | linux_kernel | 7.0 | <built-in method update of dict object at 0x702bde4f3980> | Operating System |
| linux | linux_kernel | 7.0 | <built-in method update of dict object at 0x702bcbbf4ec0> | Operating System |
| linux | linux_kernel | 7.0 | <built-in method update of dict object at 0x702bdd605740> | Operating System |
| linux | linux_kernel | 7.0 | <built-in method update of dict object at 0x702bdd1504c0> | Operating System |
| linux | linux_kernel | 7.0 | <built-in method update of dict object at 0x702bdd6068c0> | Operating System |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:3.15:-:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:* |