Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-49508

Опубликовано: 26 фев. 2025
Источник: nvd
CVSS3: 7.8
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved:

HID: elan: Fix potential double free in elan_input_configured

'input' is a managed resource allocated with devm_input_allocate_device(), so there is no need to call input_free_device() explicitly or there will be a double free.

According to the doc of devm_input_allocate_device():

  • Managed input devices do not need to be explicitly unregistered or
  • freed as it will be done automatically when owner device unbinds from
  • its driver (or binding fails).

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 4.17 (включая) до 4.19.247 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 4.20 (включая) до 5.4.198 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.5 (включая) до 5.10.121 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.11 (включая) до 5.15.46 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.16 (включая) до 5.17.14 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.18 (включая) до 5.18.3 (исключая)

EPSS

Процентиль: 10%
0.00036
Низкий

7.8 High

CVSS3

Дефекты

CWE-415
CWE-415

Связанные уязвимости

ubuntu логотип

CVE-2022-49508

CVSS3: 7.8
ubuntu
12 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: HID: elan: Fix potential double free in elan_input_configured 'input' is a managed resource allocated with devm_input_allocate_device(), so there is no need to call input_free_device() explicitly or there will be a double free. According to the doc of devm_input_allocate_device(): * Managed input devices do not need to be explicitly unregistered or * freed as it will be done automatically when owner device unbinds from * its driver (or binding fails).

redhat логотип

CVE-2022-49508

CVSS3: 7.8
redhat
12 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: HID: elan: Fix potential double free in elan_input_configured 'input' is a managed resource allocated with devm_input_allocate_device(), so there is no need to call input_free_device() explicitly or there will be a double free. According to the doc of devm_input_allocate_device(): * Managed input devices do not need to be explicitly unregistered or * freed as it will be done automatically when owner device unbinds from * its driver (or binding fails).

debian логотип

CVE-2022-49508

CVSS3: 7.8
debian
12 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: H ...

github логотип

GHSA-9jwp-f88q-j572

CVSS3: 7.8
github
11 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: HID: elan: Fix potential double free in elan_input_configured 'input' is a managed resource allocated with devm_input_allocate_device(), so there is no need to call input_free_device() explicitly or there will be a double free. According to the doc of devm_input_allocate_device(): * Managed input devices do not need to be explicitly unregistered or * freed as it will be done automatically when owner device unbinds from * its driver (or binding fails).

suse-cvrf логотип

SUSE-SU-2025:1263-1

suse-cvrf
10 месяцев назад

Security update for the Linux Kernel

EPSS

Процентиль: 10%
0.00036
Низкий

7.8 High

CVSS3

Дефекты

CWE-415
CWE-415