Debian: CVE-2024-44971: linux -- security update
描述
In the Linux kernel, the following vulnerability has been resolved: net: dsa: bcm_sf2: Fix a possible 内存泄漏 in bcm_sf2_mdio_register() bcm_sf2_mdio_register() calls of_phy_find_device() 和 then phy_device_remove() in a loop to remove existing PHY devices. of_phy_find_device() eventually calls bus_find_device(), which calls get_device() on the returned struct device * to increment the refcount. The current implementation does not decrement the refcount, which causes 内存泄漏. This commit adds the missing phy_device_free() call to decrement the refcount via put_device() to balance the refcount.
解决方案(年代)
- debian-upgrade-linux
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, 和 Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, 和 what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value 和 insight.
– Scott Cheney, 经理 of Information Security, Sierra View Medical Center