5.5
CVE-2022-49178
- EPSS 0.25%
- Veröffentlicht 26.02.2025 07:00:54
- Zuletzt bearbeitet 23.09.2025 13:43:49
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
memstick/mspro_block: fix handling of read-only devices
In the Linux kernel, the following vulnerability has been resolved: memstick/mspro_block: fix handling of read-only devices Use set_disk_ro to propagate the read-only state to the block layer instead of checking for it in ->open and leaking a reference in case of a read-only device.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 5.16.19
Linux ≫ Linux Kernel Version >= 5.17 < 5.17.2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.25% | 0.164 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/057b53c4f87690d626203acef8b63d52a9bf2f43
https://git.kernel.org/stable/c/6a0725b9d78ff6efdc95a37e4f05072e79c63918
https://git.kernel.org/stable/c/6dab421bfe06a59bf8f212a72e34673e8acf2018