Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2022-49508

Опубликовано: 26 фев. 2025
Источник: redhat
CVSS3: 7.8
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved: HID: elan: Fix potential double free in elan_input_configured 'input' is a managed resource allocated with devm_input_allocate_device(), so there is no need to call input_free_device() explicitly or there will be a double free. According to the doc of devm_input_allocate_device():

  • Managed input devices do not need to be explicitly unregistered or
  • freed as it will be done automatically when owner device unbinds from
  • its driver (or binding fails).

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 10kernelNot affected
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernelOut of support scope
Red Hat Enterprise Linux 8kernel-rtOut of support scope
Red Hat Enterprise Linux 9kernelAffected
Red Hat Enterprise Linux 9kernel-rtWill not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-415
https://bugzilla.redhat.com/show_bug.cgi?id=2348178kernel: HID: elan: Fix potential double free in elan_input_configured

EPSS

Процентиль: 10%
0.00036
Низкий

7.8 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2022-49508

CVSS3: 7.8
ubuntu
12 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: HID: elan: Fix potential double free in elan_input_configured 'input' is a managed resource allocated with devm_input_allocate_device(), so there is no need to call input_free_device() explicitly or there will be a double free. According to the doc of devm_input_allocate_device(): * Managed input devices do not need to be explicitly unregistered or * freed as it will be done automatically when owner device unbinds from * its driver (or binding fails).

nvd логотип

CVE-2022-49508

CVSS3: 7.8
nvd
12 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: HID: elan: Fix potential double free in elan_input_configured 'input' is a managed resource allocated with devm_input_allocate_device(), so there is no need to call input_free_device() explicitly or there will be a double free. According to the doc of devm_input_allocate_device(): * Managed input devices do not need to be explicitly unregistered or * freed as it will be done automatically when owner device unbinds from * its driver (or binding fails).

debian логотип

CVE-2022-49508

CVSS3: 7.8
debian
12 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: H ...

github логотип

GHSA-9jwp-f88q-j572

CVSS3: 7.8
github
11 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: HID: elan: Fix potential double free in elan_input_configured 'input' is a managed resource allocated with devm_input_allocate_device(), so there is no need to call input_free_device() explicitly or there will be a double free. According to the doc of devm_input_allocate_device(): * Managed input devices do not need to be explicitly unregistered or * freed as it will be done automatically when owner device unbinds from * its driver (or binding fails).

suse-cvrf логотип

SUSE-SU-2025:1263-1

suse-cvrf
10 месяцев назад

Security update for the Linux Kernel

EPSS

Процентиль: 10%
0.00036
Низкий

7.8 High

CVSS3