CVE-2022-48955

MEDIUM EPSS 14.0%
Published Oct 21, 20241y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Oct 21, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: net: thunderbolt: fix memory leak in tbnet_open() When tb_ring_alloc_rx() failed in tbnet_open(), ida that allocated in tb_xdomain_alloc_out_hopid() is not released. Add tb_xdomain_release_out_hopid() to the error path to release ida.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
14.0% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-401

Affected Products 10

VendorProductVersionRange
linuxlinux_kernel*≥5.13  –  <5.15.83
linuxlinux_kernel*≥5.16  –  <6.0.13
linuxlinux_kernel6.1any
linuxlinux_kernel6.1any
linuxlinux_kernel6.1any
linuxlinux_kernel6.1any
linuxlinux_kernel6.1any
linuxlinux_kernel6.1any
linuxlinux_kernel6.1any
linuxlinux_kernel6.1any

References 3

  • git.kernel.org https://git.kernel.org/stable/c/b9274dbe399952a8175db2e1ee148b7c9ba2b538
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ed14e5903638f6eb868e3e2b4e610985e6a6c876
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ed6e955f3b7e0e622c080f4bcb5427a5e1af4c2a
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/b9274dbe399952a8175db2e1ee148b7c9ba2b538
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ed14e5903638f6eb868e3e2b4e610985e6a6c876
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ed6e955f3b7e0e622c080f4bcb5427a5e1af4c2a
    Patch