CVE-2022-48641

low-risk
Published 2024-04-28

In the Linux kernel, the following vulnerability has been resolved: netfilter: ebtables: fix memory leak when blob is malformed The bug fix was incomplete, it "replaced" crash with a memory leak. The old code had an assignment to "ret" embedded into the conditional, restore this.

Do I need to act?

-
0.01% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.5/10 Medium
LOCAL / LOW complexity

Affected Products (1)

Affected Vendors

Linux

References (14)

Patch https://git.kernel.org/stable/c/11ebf32fde46572b0aaf3c2bdd97d923ef5a03ab
Patch https://git.kernel.org/stable/c/1e98318af2f163eadaff815abcef38d27ca92c1e
Patch https://git.kernel.org/stable/c/38cf372b17f0a5f35c1b716a100532d539f0eb33
Patch https://git.kernel.org/stable/c/62ce44c4fff947eebdf10bb582267e686e6835c9
Patch https://git.kernel.org/stable/c/754e8b74281dd54a324698803483f47cf3355ae1
Patch https://git.kernel.org/stable/c/d5917b7af7cae0e2804f9d127a03268035098b7f
Patch https://git.kernel.org/stable/c/ebd97dbe3c55d68346b9c5fb00634a7f5b10bbee
Patch https://git.kernel.org/stable/c/11ebf32fde46572b0aaf3c2bdd97d923ef5a03ab
Patch https://git.kernel.org/stable/c/1e98318af2f163eadaff815abcef38d27ca92c1e
Patch https://git.kernel.org/stable/c/38cf372b17f0a5f35c1b716a100532d539f0eb33
Patch https://git.kernel.org/stable/c/62ce44c4fff947eebdf10bb582267e686e6835c9
Patch https://git.kernel.org/stable/c/754e8b74281dd54a324698803483f47cf3355ae1
Patch https://git.kernel.org/stable/c/d5917b7af7cae0e2804f9d127a03268035098b7f
Patch https://git.kernel.org/stable/c/ebd97dbe3c55d68346b9c5fb00634a7f5b10bbee
23
/ 100
low-risk
Severity 18/34 · Moderate
Exploitability 0/34 · Minimal
Exposure 5/34 · Minimal