CVE-2022-48959

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: dsa: sja1105: fix memory leak in sja1105_setup_devlink_regions()

When dsa_devlink_region_create failed in sja1105_setup_devlink_regions(), priv->regions is not released.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxbf425b82059e0b0752c0026353c1902112200837 < 4be43e46c3f945fc7dd9e23c73a7a66927a3b814affected
LinuxLinuxbf425b82059e0b0752c0026353c1902112200837 < f3b5dda26cd0535aac09ed09c5d83f19b979ec9faffected
LinuxLinuxbf425b82059e0b0752c0026353c1902112200837 < e5e59629654b8826f0167dae480d0e3fa0f8f038affected
LinuxLinuxbf425b82059e0b0752c0026353c1902112200837 < 78a9ea43fc1a7c06a420b132d2d47cbf4344a5dfaffected
LinuxLinux5.10affected
LinuxLinux0 < 5.10unaffected
LinuxLinux5.10.159 <= 5.10.*unaffected
LinuxLinux5.15.83 <= 5.15.*unaffected
LinuxLinux6.0.13 <= 6.0.*unaffected
LinuxLinux6.1 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References