Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2022-45887

Опубликовано: 15 нояб. 2022
Источник: redhat
CVSS3: 4.7
EPSS Низкий

Описание

An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call.

A memory leak issue was found in the Linux kernel media subsystem in the TTUSB DEC driver. It could occur in the ttusb_dec_exit_dvb() function because of the lack of a dvb_frontend_detach call. A local user could trigger this flaw by repeatedly plugging and unplugging the device, potentially causing a denial of service condition.

Меры по смягчению последствий

To mitigate this issue, it is possible to prevent the affected code from being loaded by blacklisting the ttusb_dec kernel module. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelOut of support scope
Red Hat Enterprise Linux 7kernelOut of support scope
Red Hat Enterprise Linux 7kernel-rtOut of support scope
Red Hat Enterprise Linux 9kernelNot affected
Red Hat Enterprise Linux 9kernel-rtNot affected
Red Hat Enterprise Linux 8kernel-rtFixedRHSA-2023:690114.11.2023
Red Hat Enterprise Linux 8kernelFixedRHSA-2023:707714.11.2023
Red Hat Enterprise Linux 8.6 Extended Update SupportkernelFixedRHSA-2024:072407.02.2024
Red Hat Enterprise Linux 8.8 Extended Update SupportkernelFixedRHSA-2024:140419.03.2024
Red Hat Virtualization 4 for Red Hat Enterprise Linux 8kernelFixedRHSA-2024:072407.02.2024

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-401
https://bugzilla.redhat.com/show_bug.cgi?id=2148520kernel: memory leak in ttusb_dec_exit_dvb() in media/usb/ttusb-dec/ttusb_dec.c

EPSS

Процентиль: 0%
0.00008
Низкий

4.7 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2022-45887

CVSS3: 4.7
ubuntu
больше 2 лет назад

An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call.

nvd логотип

CVE-2022-45887

CVSS3: 4.7
nvd
больше 2 лет назад

An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call.

debian логотип

CVE-2022-45887

CVSS3: 4.7
debian
больше 2 лет назад

An issue was discovered in the Linux kernel through 6.0.9. drivers/med ...

github логотип

GHSA-vf9f-54pg-36hq

CVSS3: 4.7
github
больше 2 лет назад

An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call.

fstec логотип

BDU:2023-05191

CVSS3: 4.7
fstec
больше 2 лет назад

Уязвимость компонента drivers/media/usb/ttusb-dec/ttusb_dec.c ядра операционной системы Linux, позволяющая нарушителю выполнить атаку типа «отказ в обслуживании»

EPSS

Процентиль: 0%
0.00008
Низкий

4.7 Medium

CVSS3