How severe is CVE-2024-53202?

CVE-2024-53202 has a CVSS v3 score of 5.5 (MEDIUM).

CVE-2024-53202

Name: linux_kernel
Author: linux

5.5MEDIUM

In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Fix possible resource leak in fw_log_firmware_info() The alg instance should be released under the exception path

Published: 12/27/2024Updated: 10/1/2025

Description

In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Fix possible resource leak in fw_log_firmware_info() The alg instance should be released under the exception path, otherwise there may be resource leak here. To mitigate this, free the alg instance with crypto_free_shash when kmalloc fails.

AI AnalysisPowered by AI

Affected Products

linuxlinux_kernel

References

https://git.kernel.org/stable/c/369a9c046c2fdfe037f05b43b84c386bdbccc103
Patch
https://git.kernel.org/stable/c/789a72498d32f88d24371c10985aceb46397056c
Patch
https://git.kernel.org/stable/c/eb5d67d00ad17a5bd0920f455160dc2ccbd2dc78
Patch
https://git.kernel.org/stable/c/f380f895dbb2a11d62ca6df9e82d995f4bc26b84
Patch