CVE-2022-48768

tracing/histogram: Fix a potential memory leak for kstrdup()

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

tracing/histogram: Fix a potential memory leak for kstrdup()

kfree() is missing on an error path to free the memory allocated by
kstrdup():

p = param = kstrdup(data->params[i], GFP_KERNEL);

So it is better to free it via kfree(p).

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-06-20 CVE Reserved
2024-06-20 CVE Published
2024-09-10 EPSS Updated
2024-09-11 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (8)

URL	Tag	Source
https://git.kernel.org/stable/c/38b67e60b6b582e81f9db1b2e7176cbbfbd3e574	Vuln. Introduced
https://git.kernel.org/stable/c/d380dcde9a07ca5de4805dee11f58a98ec0ad6ff	Vuln. Introduced
https://git.kernel.org/stable/c/c78a2baf5e1fe1b38121d6b54bab77ccb81a1a86	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/8a8878ebb596281f50fc0b9a6e1f23f0d7f154e8	2022-02-01
https://git.kernel.org/stable/c/d71b06aa995007eafd247626d0669b9364c42ad7	2022-02-01
https://git.kernel.org/stable/c/e33fa4a46ee22de88a700e2e3d033da8214a5175	2022-02-01
https://git.kernel.org/stable/c/df86e2fe808c3536a9dba353cc2bebdfea00d0cf	2022-02-01
https://git.kernel.org/stable/c/e629e7b525a179e29d53463d992bdee759c950fb	2022-01-28

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.4.19 < 5.4.176 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.4.19 < 5.4.176"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.6 < 5.10.96 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.6 < 5.10.96"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.6 < 5.15.19 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.6 < 5.15.19"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.6 < 5.16.5 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.6 < 5.16.5"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.6 < 5.17 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.6 < 5.17"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				5.5.6 Search vendor "Linux" for product "Linux Kernel" and version "5.5.6"		en		Affected