PT-2022-25316 · Samsung · Tizenrt

Published 2022-09-08 · Updated 2022-09-30 · CVE-2022-40278

CVSS v3.1: 7.5 High

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Samsung TizenRT versions through 3.0 GBM
Samsung TizenRT version 3.1 PRE

Description

An issue in the createDB function within security/provisioning/src/provisioningdatabasemanager.c leads to a denial of service due to a missing sqlite3_free after sqlite3_exec.

Recommendations

For Samsung TizenRT versions through 3.0 GBM, ensure proper memory management by freeing allocated resources after execution to prevent denial of service.

For Samsung TizenRT version 3.1 PRE, apply the same memory management fix to prevent denial of service.

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Weakness Enumeration

Related Identifiers

CVE-2022-40278

Affected Products

Tizenrt