Updated: 2025-05-05 17:15:42.723881
Description:
In the Linux kernel, the following vulnerability has been resolved: rapidio: fix an API misues when rio_add_net() fails rio_add_net() calls device_register() and fails when device_register() fails. Thus, put_device() should be used rather than kfree(). Add "mport->net = NULL;" to avoid a use after free issue.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | 0 | |
| CVSS Version 3.x | HIGH | 7.8 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | kernel | 5.14.0 | 7.8 | HIGH | Not Vulnerable | 2025-04-30 04:14:23 | ||
| AlmaLinux 9.6 ESU | kernel | 5.14.0 | 7.8 | HIGH | Needs Triage | 2025-07-03 10:52:05 | ||
| CentOS 8.4 ELS | kernel | 4.18.0 | 7.8 | HIGH | Not Vulnerable | 2025-05-07 04:16:00 | ||
| CentOS 8.5 ELS | kernel | 4.18.0 | 7.8 | HIGH | Not Vulnerable | 2025-05-07 04:16:00 | ||
| CentOS Stream 8 ELS | kernel | 4.18.0 | 7.8 | HIGH | Not Vulnerable | 2025-05-07 04:16:00 | ||
| Oracle Linux 7 ELS | kernel-uek | 5.4.17 | 7.8 | HIGH | Released | CLSA-2025:1746479711 | 2025-05-08 04:11:21 | |
| Ubuntu 16.04 ELS | linux-hwe | 4.15.0 | 7.8 | HIGH | Released | CLSA-2025:1749571039 | 2025-06-11 00:59:45 | |
| Ubuntu 18.04 ELS | linux | 4.15.0 | 7.8 | HIGH | Released | CLSA-2025:1749548422 | 2025-06-11 00:59:43 | |
| Ubuntu 20.04 ELS | linux | 5.4.0 | 7.8 | HIGH | Released | 2025-06-24 00:41:59 |