5.5
CVE-2022-48775
- EPSS 0.23%
- Veröffentlicht 16.07.2024 12:15:02
- Zuletzt bearbeitet 21.11.2024 07:33:59
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj kobject_init_and_add() takes reference even when it fails. According to the doc of kobject_init_and_add(): If this function returns an error, kobject_put() must be called to properly clean up the memory associated with the object. Fix memory leak by calling kobject_put().
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.15 < 4.19.231
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.181
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.102
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.25
Linux ≫ Linux Kernel Version >= 5.16 < 5.16.11
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.131 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/417947891bd5ae327f15efed1a0da2b12ef24962
https://git.kernel.org/stable/c/8bc69f86328e87a0ffa79438430cc82f3aa6a194
https://git.kernel.org/stable/c/91d8866ca55232d21995a3d54fac96de33c9e20c
https://git.kernel.org/stable/c/92e25b637cd4e010f776c86e4810300e773eac5c
https://git.kernel.org/stable/c/c377e2ba78d3fe9a1f0b4ec424e75f81da7e81e9
https://git.kernel.org/stable/c/fe595759c2a4a5bb41c438474f15947d8ae32f5c