GHSA-pwf7-jc5h-rr33

Опубликовано: 20 июн. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 5.5

Описание

In the Linux kernel, the following vulnerability has been resolved:

tracing/histogram: Fix a potential memory leak for kstrdup()

kfree() is missing on an error path to free the memory allocated by kstrdup():

p = param = kstrdup(data->params[i], GFP_KERNEL);

So it is better to free it via kfree(p).

In the Linux kernel, the following vulnerability has been resolved:

tracing/histogram: Fix a potential memory leak for kstrdup()

kfree() is missing on an error path to free the memory allocated by kstrdup():

p = param = kstrdup(data->params[i], GFP_KERNEL);

So it is better to free it via kfree(p).

Ссылки

EPSS

Процентиль: 9%

0.00036

Низкий

5.5 Medium

CVSS3

CVE ID

CVE-2022-48768

Дефекты

CWE-401

Связанные уязвимости

CVE-2022-48768

CVSS3: 5.5

ubuntu

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: tracing/histogram: Fix a potential memory leak for kstrdup() kfree() is missing on an error path to free the memory allocated by kstrdup(): p = param = kstrdup(data->params[i], GFP_KERNEL); So it is better to free it via kfree(p).

CVE-2022-48768

CVSS3: 5.1

redhat

больше 1 года назад

CVE-2022-48768

CVSS3: 5.5

nvd

больше 1 года назад

CVE-2022-48768

CVSS3: 5.5

debian

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: t ...

BDU:2025-04443

CVSS3: 5.5

fstec

больше 3 лет назад

Уязвимость функции trace_action_create() модуля kernel/trace/trace_events_hist.c поддержки трассировки ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 9%

0.00036

Низкий

5.5 Medium

CVSS3

CVE ID

CVE-2022-48768

Дефекты

CWE-401