AZL-55506

See a problem?
Import Source
https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-55506.json
JSON Data
https://api.test.osv.dev/v1/vulns/AZL-55506
Upstream
Published
2024-12-27T14:15:27Z
Modified
2026-04-01T05:18:38.913918Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
CVE-2024-53202 affecting package kernel for versions less than 6.6.64.2-1
Details

In the Linux kernel, the following vulnerability has been resolved:

firmwareloader: Fix possible resource leak in fwlogfirmwareinfo()

The alg instance should be released under the exception path, otherwise there may be resource leak here.

To mitigate this, free the alg instance with cryptofreeshash when kmalloc fails.

References

Affected packages

Azure Linux:3 / kernel

Package

Name
kernel
Purl
pkg:rpm/azure-linux/kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.6.64.2-1

Database specific

source 
"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-55506.json"