CVE-2022-48775

Summary

In the Linux kernel, the following vulnerability has been resolved:

Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj

kobject_init_and_add() takes reference even when it fails. According to the doc of kobject_init_and_add():

If this function returns an error, kobject_put() must be called to properly clean up the memory associated with the object.

Fix memory leak by calling kobject_put().

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxc2e5df616e1ae6c2a074cb241ebb65a318ebaf7c < 417947891bd5ae327f15efed1a0da2b12ef24962affected
LinuxLinuxc2e5df616e1ae6c2a074cb241ebb65a318ebaf7c < fe595759c2a4a5bb41c438474f15947d8ae32f5caffected
LinuxLinuxc2e5df616e1ae6c2a074cb241ebb65a318ebaf7c < 91d8866ca55232d21995a3d54fac96de33c9e20caffected
LinuxLinuxc2e5df616e1ae6c2a074cb241ebb65a318ebaf7c < c377e2ba78d3fe9a1f0b4ec424e75f81da7e81e9affected
LinuxLinuxc2e5df616e1ae6c2a074cb241ebb65a318ebaf7c < 92e25b637cd4e010f776c86e4810300e773eac5caffected
LinuxLinuxc2e5df616e1ae6c2a074cb241ebb65a318ebaf7c < 8bc69f86328e87a0ffa79438430cc82f3aa6a194affected
LinuxLinux4.15affected
LinuxLinux0 < 4.15unaffected
LinuxLinux4.19.231 <= 4.19.*unaffected
LinuxLinux5.4.181 <= 5.4.*unaffected
LinuxLinux5.10.102 <= 5.10.*unaffected
LinuxLinux5.15.25 <= 5.15.*unaffected
LinuxLinux5.16.11 <= 5.16.*unaffected
LinuxLinux5.17 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References