Two memory leaks in the sja1105_static_config_upload() function in drivers/net/dsa/sja1105/sja1105_spi.c in the Linux kernel before 5.3.5 allow attackers to cause a denial of service (memory consumption) by triggering static_config_buf_prepare_for_upload() or sja1105_inhibit_tx() failures, aka CID-68501df92d11.
The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux_kernel | Linux | * | 5.3.5 (excluding) |
Linux | Ubuntu | eoan | * |
Linux | Ubuntu | precise/esm | * |
Linux | Ubuntu | upstream | * |
Linux-aws | Ubuntu | eoan | * |
Linux-aws | Ubuntu | upstream | * |
Linux-aws-5.0 | Ubuntu | upstream | * |
Linux-aws-5.4 | Ubuntu | bionic | * |
Linux-aws-fips | Ubuntu | trusty | * |
Linux-aws-fips | Ubuntu | xenial | * |
Linux-aws-hwe | Ubuntu | upstream | * |
Linux-azure | Ubuntu | eoan | * |
Linux-azure | Ubuntu | upstream | * |
Linux-azure-4.15 | Ubuntu | bionic | * |
Linux-azure-5.3 | Ubuntu | upstream | * |
Linux-azure-5.4 | Ubuntu | bionic | * |
Linux-azure-edge | Ubuntu | bionic | * |
Linux-azure-edge | Ubuntu | esm-infra/bionic | * |
Linux-azure-edge | Ubuntu | upstream | * |
Linux-azure-fde | Ubuntu | focal | * |
Linux-azure-fips | Ubuntu | trusty | * |
Linux-azure-fips | Ubuntu | xenial | * |
Linux-gcp | Ubuntu | eoan | * |
Linux-gcp | Ubuntu | upstream | * |
Linux-gcp-4.15 | Ubuntu | bionic | * |
Linux-gcp-5.3 | Ubuntu | upstream | * |
Linux-gcp-5.4 | Ubuntu | bionic | * |
Linux-gcp-edge | Ubuntu | bionic | * |
Linux-gcp-edge | Ubuntu | esm-infra/bionic | * |
Linux-gcp-edge | Ubuntu | upstream | * |
Linux-gcp-fips | Ubuntu | trusty | * |
Linux-gcp-fips | Ubuntu | xenial | * |
Linux-gke | Ubuntu | focal | * |
Linux-gke | Ubuntu | xenial | * |
Linux-gke-4.15 | Ubuntu | upstream | * |
Linux-gke-5.0 | Ubuntu | upstream | * |
Linux-gke-5.3 | Ubuntu | upstream | * |
Linux-gkeop | Ubuntu | focal | * |
Linux-gkeop-5.15 | Ubuntu | focal | * |
Linux-hwe | Ubuntu | upstream | * |
Linux-hwe-5.4 | Ubuntu | bionic | * |
Linux-hwe-edge | Ubuntu | bionic | * |
Linux-hwe-edge | Ubuntu | esm-infra/bionic | * |
Linux-hwe-edge | Ubuntu | esm-infra/xenial | * |
Linux-hwe-edge | Ubuntu | upstream | * |
Linux-hwe-edge | Ubuntu | xenial | * |
Linux-ibm-5.4 | Ubuntu | bionic | * |
Linux-kvm | Ubuntu | eoan | * |
Linux-kvm | Ubuntu | upstream | * |
Linux-lts-trusty | Ubuntu | precise/esm | * |
Linux-lts-trusty | Ubuntu | upstream | * |
Linux-lts-xenial | Ubuntu | upstream | * |
Linux-oem | Ubuntu | upstream | * |
Linux-oem | Ubuntu | xenial | * |
Linux-oem-5.4 | Ubuntu | upstream | * |
Linux-oem-osp1 | Ubuntu | upstream | * |
Linux-oracle | Ubuntu | eoan | * |
Linux-oracle | Ubuntu | upstream | * |
Linux-oracle-5.0 | Ubuntu | upstream | * |
Linux-oracle-5.4 | Ubuntu | bionic | * |
Linux-raspi-5.4 | Ubuntu | bionic | * |
Linux-raspi2 | Ubuntu | eoan | * |
Linux-raspi2 | Ubuntu | focal | * |
Linux-raspi2 | Ubuntu | upstream | * |
Linux-raspi2-5.3 | Ubuntu | upstream | * |
Linux-realtime | Ubuntu | jammy | * |
Linux-riscv | Ubuntu | focal | * |
Linux-riscv | Ubuntu | jammy | * |
Linux-snapdragon | Ubuntu | upstream | * |