CVE-2022-49233

EPSS 0.11%
Veröffentlicht 26.02.2025 07:01:00
Zuletzt bearbeitet 01.10.2025 20:15:58
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

drm/amd/display: Call dc_stream_release for remove link enc assignment

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Call dc_stream_release for remove link enc assignment

[Why]
A porting error resulted in the stream assignment for the link
being retained without being released - a memory leak.

[How]
Fix the porting error by adding back the dc_stream_release() intended
as part of the original patch.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

NVD 1 VulnDex Vulnerability Enrichment 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 5.17 < 5.17.2

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.11%	0.285

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/a28b7b6a0c827ce672edcdb5b2b5916b0beebe03

Patch

https://git.kernel.org/stable/c/f2bde8349c35d01d7c50456ea06a5c7d5e0e5ed0

Patch

https://nvd.nist.gov/vuln/detail/CVE-2022-49233

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-49233

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-49233

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2022-49233