CVE-2022-48782

July 16, 2024, 1:43 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: mctp: fix use after free Clang static analysis reports this problem route.c:425:4: warning: Use of memory after it is freed trace_mctp_key_acquire(key); ^~~~~~~~~~~~~~~~~~~~~~~~~~~ When mctp_key_add() fails, key is freed but then is later used in trace_mctp_key_acquire(). Add an else statement to use the key only when mctp_key_add() is successful.

Product(s) Impacted

Product Versions
Linux kernel
  • []

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/1dd3ecbec5f606b2a526c47925c8634b1a6bb81e
https://git.kernel.org/stable/c/7e5b6a5c8c44310784c88c1c198dde79f6402f7b

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-07-16
CVE-2022-48782

Timeline

Published: July 16, 2024, 12:15 p.m.
Last Modified: July 16, 2024, 1:43 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.