CVE-2022-48888

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/msm/dpu: Fix memory leak in msm_mdss_parse_data_bus_icc_path

of_icc_get() alloc resources for path1, we should release it when not need anymore. Early return when IS_ERR_OR_NULL(path0) may leak path1. Defer getting path1 to fix this.

Patchwork: https://patchwork.freedesktop.org/patch/514264/

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxb9364eed9232f3d2a846f68c2307eb25c93cc2d0 < c6fa1de83fd87267ab24359e6fa52f98f5cee3f9affected
LinuxLinuxb9364eed9232f3d2a846f68c2307eb25c93cc2d0 < 45dac1352b55b1d8cb17f218936b2bc2bc1fb4eeaffected
LinuxLinux5.19affected
LinuxLinux0 < 5.19unaffected
LinuxLinux6.1.7 <= 6.1.*unaffected
LinuxLinux6.2 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References