CVE-2022-48775
MEDIUMLinux Kernel Use-After-Free in vmbus_add_channel_kobj
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj kobject_init_and_add() takes reference even when it fails. According to the doc of kobject_init_and_add(): If this function returns an error, kobject_put() must be called to properly clean up the memory associated with the object. Fix memory leak by calling kobject_put().
References (6)
Core 6
Core References
Mailing List, Patch
https://git.kernel.org/stable/c/417947891bd5ae327f15efed1a0da2b12ef24962
Mailing List, Patch
https://git.kernel.org/stable/c/fe595759c2a4a5bb41c438474f15947d8ae32f5c
Mailing List, Patch
https://git.kernel.org/stable/c/91d8866ca55232d21995a3d54fac96de33c9e20c
Mailing List, Patch
https://git.kernel.org/stable/c/c377e2ba78d3fe9a1f0b4ec424e75f81da7e81e9
Mailing List, Patch
https://git.kernel.org/stable/c/92e25b637cd4e010f776c86e4810300e773eac5c
Mailing List, Patch
https://git.kernel.org/stable/c/8bc69f86328e87a0ffa79438430cc82f3aa6a194
Scores
CVSS v3
5.5
EPSS
0.0023
EPSS Percentile
13.1%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-401
Status
published
Products (20)
linux/Kernel
4.15.0 - 4.19.231linux
linux/Kernel
4.20.0 - 5.4.181linux
linux/Kernel
5.11.0 - 5.15.25linux
linux/Kernel
5.16.0 - 5.16.11linux
linux/Kernel
5.5.0 - 5.10.102linux
Linux/Linux
< 4.15
Linux/Linux
4.15
Linux/Linux
4.19.231 - 4.19.*
Linux/Linux
5.10.102 - 5.10.*
Linux/Linux
5.15.25 - 5.15.*
... and 10 more
Published
Jul 16, 2024
Tracked Since
Feb 18, 2026