-
Bug
-
Resolution: Unresolved
-
Minor
-
None
-
None
-
None
-
False
-
None
-
False
-
-
A group of Findings has been pushed to JIRA to be investigated and fixed:
Group
Group: Medium in test/PSSECAUT-317 / irqbalance-1.9.2-3.el9 / csmock Scan (SARIF)
Severity | CVE | CWE | Component | Version | Title | Status |
---|---|---|---|---|---|---|
Medium | None | 457 | None | None | Using Uninitialized Value "Errsave". | Active |
Medium | None | 457 | None | None | Using Uninitialized Value "Errsave" When Calling "Strerror". | Active |
Severity: Medium
Findings
Using Uninitialized Value "Errsave".
Defect Dojo link: https://redhat-prodsec.cloud.defectdojo.com/finding/2974088 (2974088)
Severity: Medium
CWE: CWE-457
CVE: Unknown
Source File: irqbalance-1.9.2/activate.c
Source Line: 97
Description:
*Result message:* Using uninitialized value "errsave".
*Snippet:*
```Problem detected in this context:
95| "Cannot change IRQ %i affinity: %s\n",
96| info->irq, strerror(errsave));
97|-> switch (errsave) {
98| case ENOSPC: /* Specified CPU APIC is full. */
99| case EAGAIN: /* Interrupted by signal. */```
*Code flow:*
1. irqbalance-1.9.2/activate.c:L53
Declaring variable "errsave" without initializer.
2. irqbalance-1.9.2/activate.c:L59
Condition "!info->moved", taking false branch.
3. irqbalance-1.9.2/activate.c:L62
Condition "!info->assigned_obj", taking false branch.
4. irqbalance-1.9.2/activate.c:L65
Condition "info->flags & (2ULL /* 1ULL << 1 */)", taking false branch.
5. irqbalance-1.9.2/activate.c:L74
Condition "check_affinity(info, applied_mask)", taking false branch.
6. irqbalance-1.9.2/activate.c:L79
Condition "!file", taking true branch.
7. irqbalance-1.9.2/activate.c:L80
Jumping to label "error".
8. irqbalance-1.9.2/activate.c:L94
Condition "journal_logging", taking false branch.
9. irqbalance-1.9.2/activate.c:L94
Condition "log_mask & (3U /* (1 << 0) | (1 << 1) /) & (1U / 1 << 0 */)", taking false branch.
10. irqbalance-1.9.2/activate.c:L94
Condition "log_mask & (3U /* (1 << 0) | (1 << 1) /) & (2U / 1 << 1 */)", taking false branch.
11. irqbalance-1.9.2/activate.c:L97
Using uninitialized value "errsave".
References:
https://cwe.mitre.org/data/definitions/457.html
Reporter: (ccota) ()
Findings
Using Uninitialized Value "Errsave" When Calling "Strerror".
Defect Dojo link: https://redhat-prodsec.cloud.defectdojo.com/finding/2974087 (2974087)
Severity: Medium
CWE: CWE-457
CVE: Unknown
Source File: irqbalance-1.9.2/activate.c
Source Line: 94
Description:
*Result message:* Using uninitialized value "errsave" when calling "strerror".
*Snippet:*
```Problem detected in this context:
92| return;
93| error:
94|-> log(TO_ALL, LOG_WARNING,
95| "Cannot change IRQ %i affinity: %s\n",
96| info->irq, strerror(errsave));```
*Code flow:*
1. irqbalance-1.9.2/activate.c:L53
Declaring variable "errsave" without initializer.
2. irqbalance-1.9.2/activate.c:L59
Condition "!info->moved", taking false branch.
3. irqbalance-1.9.2/activate.c:L62
Condition "!info->assigned_obj", taking false branch.
4. irqbalance-1.9.2/activate.c:L65
Condition "info->flags & (2ULL /* 1ULL << 1 */)", taking false branch.
5. irqbalance-1.9.2/activate.c:L74
Condition "check_affinity(info, applied_mask)", taking false branch.
6. irqbalance-1.9.2/activate.c:L79
Condition "!file", taking true branch.
7. irqbalance-1.9.2/activate.c:L80
Jumping to label "error".
8. irqbalance-1.9.2/activate.c:L94
Condition "journal_logging", taking true branch.
9. irqbalance-1.9.2/activate.c:L94
Using uninitialized value "errsave" when calling "strerror".
References:
https://cwe.mitre.org/data/definitions/457.html
Reporter: (ccota) ()