CVE-2022-49530

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A double free vulnerability has been identified in the Linux kernel, specifically in the si parse power table() function. This issue arises when the allocation of array members fails, leading to the array being freed and returned with an error code. However, the array is later freed again in the si dpm fini() function, which can cause a double free of the array adev->pm.dpm.ps and a leak of its array members. Additionally, the variable adev->pm.dpm.num ps is not updated until the member allocation is successfully finished, potentially leading to use after free or uninitialized variable access in si dpm fini().

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.