5.5
CVE-2022-48860
- EPSS 0.22%
- Veröffentlicht 16.07.2024 13:15:12
- Zuletzt bearbeitet 21.11.2024 07:34:13
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
ethernet: Fix error handling in xemaclite_of_probe
In the Linux kernel, the following vulnerability has been resolved: ethernet: Fix error handling in xemaclite_of_probe This node pointer is returned by of_parse_phandle() with refcount incremented in this function. Calling of_node_put() to avoid the refcount leak. As the remove function do.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 2.6.34 < 4.9.307
Linux ≫ Linux Kernel Version >= 4.10 < 4.14.272
Linux ≫ Linux Kernel Version >= 4.15 < 4.19.235
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.185
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.106
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.29
Linux ≫ Linux Kernel Version >= 5.16 < 5.16.15
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.22% | 0.118 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/1852854ee349881efb78ccdbbb237838975902e4
https://git.kernel.org/stable/c/5e7c402892e189a7bc152b125e72261154aa585d
https://git.kernel.org/stable/c/669172ce976608b25a2f76f3c65d47f042d125c9
https://git.kernel.org/stable/c/8609e29611befc4bfbe7a91bb50fc65ae72ff549
https://git.kernel.org/stable/c/8ee065a7a9b6a3976c16340503677efc4d8351f6
https://git.kernel.org/stable/c/979b418b96e35f07136f77962ccfaa54cf3e30e1
https://git.kernel.org/stable/c/b19ab4b38b06aae12442b2de95ccf58b5dc53584
https://git.kernel.org/stable/c/b7220f8e9d6c6b9594ddfb3125dad938cd478b1f