Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

Vulnerability Intelligence

Customers

CVE-2022-48775 | Mondoo Vulnerability Intelligence

Vulnerability IntelligenceCVE-2022-48775

CVE-2022-48775

MEDIUM5.5

Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj

Published Jul 16, 2024

Modified 10 months ago

Details

In the Linux kernel, the following vulnerability has been resolved:

Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj

kobject_init_and_add() takes reference even when it fails. According to the doc of kobject_init_and_add()：

If this function returns an error, kobject_put() must be called to properly clean up the memory associated with the object.

Fix memory leak by calling kobject_put().

References

WEB

https://git.kernel.org/stable/c/417947891bd5ae327f15efed1a0da2b12ef24962

WEB

https://git.kernel.org/stable/c/8bc69f86328e87a0ffa79438430cc82f3aa6a194

WEB

https://git.kernel.org/stable/c/91d8866ca55232d21995a3d54fac96de33c9e20c

WEB

https://git.kernel.org/stable/c/92e25b637cd4e010f776c86e4810300e773eac5c

WEB

https://git.kernel.org/stable/c/c377e2ba78d3fe9a1f0b4ec424e75f81da7e81e9

WEB

https://git.kernel.org/stable/c/fe595759c2a4a5bb41c438474f15947d8ae32f5c

ADVISORY

https://www.cve.org/CVERecord?id=CVE-2022-48775

CVSS Analysis

CVSS v3.1

5.5

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

HighA:H

5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Ecosystems

Timeline

PublishedJul 16, 2024

ModifiedMay 4, 2025