CVE-2022-48880

Summary

In the Linux kernel, the following vulnerability has been resolved:

platform/surface: aggregator: Add missing call to ssam_request_sync_free()

Although rare, ssam_request_sync_init() can fail. In that case, the request should be freed via ssam_request_sync_free(). Currently it is leaked instead. Fix this.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxc167b9c7e3d6131b4a4865c112a3dbc86d2e997d < d2dc110deabe7142b60ebeed689e67f92795ee24affected
LinuxLinuxc167b9c7e3d6131b4a4865c112a3dbc86d2e997d < 50b3cdf8239b11545f311c4f7b89e0092e4feedbaffected
LinuxLinuxc167b9c7e3d6131b4a4865c112a3dbc86d2e997d < c965daac370f08a9b71d573a71d13cda76f2a884affected
LinuxLinux5.12affected
LinuxLinux0 < 5.12unaffected
LinuxLinux5.15.89 <= 5.15.*unaffected
LinuxLinux6.1.7 <= 6.1.*unaffected
LinuxLinux6.2 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References