CVE-2022-48669: powerpc/pseries: Fix potential memleak in papr_get_attr()
In the Linux kernel, the following vulnerability has been resolved:
powerpc/pseries: Fix potential memleak in paprgetattr()
buf is allocated in paprgetattr(), and krealloc() of buf could fail. We need to free the original buf in the case of failure.
Other sources
In the Linux kernel, the following vulnerability has been resolved:
powerpc/pseries: Fix potential memleak in paprgetattr()
The Linux kernel CVE team has assigned CVE-2022-48669 to this issue.
Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024050131-CVE-2022-48669-15cf@gregkh/T
— Red Hat
Linux Kernel is vulnerable to a denial of service, caused by a memory leak flaw in the paprgetattr() function. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
— IBM
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of CVE-2022-48669?
CVE-2022-48669 is categorized as a moderate severity vulnerability due to the potential memory leak.
How do I fix CVE-2022-48669?
To fix CVE-2022-48669, upgrade the Linux kernel to version 6.1.83, 6.6.23, 6.7.11, 6.8.2, 6.9 or appropriate versions specified by your distribution.
What software is affected by CVE-2022-48669?
CVE-2022-48669 affects specific versions of the Linux kernel in Red Hat and Debian distributions.
Can CVE-2022-48669 lead to a system compromise?
While CVE-2022-48669 is a memory leak issue, it does not inherently allow system compromise but can lead to potential resource exhaustion.
Is CVE-2022-48669 only an issue for specific architectures?
CVE-2022-48669 specifically affects the powerpc/pseries architecture within the Linux kernel.