CVE-2022-48959

MEDIUM

Linux kernel - Memory Corruption

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: fix memory leak in sja1105_setup_devlink_regions() When dsa_devlink_region_create failed in sja1105_setup_devlink_regions(), priv->regions is not released.

References (4)

[Patch] https://git.kernel.org/stable/c/4be43e46c3f945fc7dd9e23c73a7a66927a3b814

[Patch] https://git.kernel.org/stable/c/78a9ea43fc1a7c06a420b132d2d47cbf4344a5df

[Patch] https://git.kernel.org/stable/c/e5e59629654b8826f0167dae480d0e3fa0f8f038

[Patch] https://git.kernel.org/stable/c/f3b5dda26cd0535aac09ed09c5d83f19b979ec9f

Scores

CVSS v3 5.5

EPSS 0.0001

EPSS Percentile 0.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-401

Status published

Affected Products (12)

linux/linux_kernel < 5.10.159

linux/linux_kernel

linux/Kernel < 5.10.159linux

linux/Kernel < 5.15.83linux

linux/Kernel < 6.0.13linux

Timeline

Published Oct 21, 2024

Tracked Since Feb 18, 2026