PT-2024-11795 · Linux+3 · Linux Kernel+3

Miaoqian Lin

Published

2022-01-20

Updated

2024-10-30

CVE-2022-48753

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A memory leak issue has been resolved in the Linux kernel. The problem occurred because kobject init and add() takes a reference even when it fails, and according to its documentation, kobject put() must be called to properly clean up the memory associated with the object in case of an error. The fix involves adding kobject put() to handle the memory leak. The callback function blk ia ranges sysfs release() in kobject put() can handle the pointer iars properly.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

BDU:2025-04354

CVE-2022-48753

OPENSUSE-SU-2024_2372-1

OPENSUSE-SU-2024_2394-1

SUSE-SU-2024:2372-1

SUSE-SU-2024:2394-1

SUSE-SU-2024:2939-1

Affected Products

Astra Linux

Linux Kernel

Red Os

Suse

PT-2024-11795 · Linux+3 · Linux Kernel+3

CVE-2022-48753

Weakness Enumeration

Related Identifiers

Affected Products

References · 1179