CVE-2022-48669

low-risk
Published 2024-05-01

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fix potential memleak in papr_get_attr() `buf` is allocated in papr_get_attr(), and krealloc() of `buf` could fail. We need to free the original `buf` in the case of failure.

Do I need to act?

-
0.01% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.5/10 Medium
LOCAL / LOW complexity

Affected Products (1)

Affected Vendors

Linux

References (10)

Patch https://git.kernel.org/stable/c/1699fb915b9f61794d559b55114c09a390aaf234
Patch https://git.kernel.org/stable/c/7f7d39fe3d80d6143404940b2413010cf6527029
Patch https://git.kernel.org/stable/c/a3f22feb2220a945d1c3282e34199e8bcdc5afc4
Patch https://git.kernel.org/stable/c/cda9c0d556283e2d4adaa9960b2dc19b16156bae
Patch https://git.kernel.org/stable/c/d0647c3e81eff62b66d46fd4e475318cb8cb3610
Patch https://git.kernel.org/stable/c/1699fb915b9f61794d559b55114c09a390aaf234
Patch https://git.kernel.org/stable/c/7f7d39fe3d80d6143404940b2413010cf6527029
Patch https://git.kernel.org/stable/c/a3f22feb2220a945d1c3282e34199e8bcdc5afc4
Patch https://git.kernel.org/stable/c/cda9c0d556283e2d4adaa9960b2dc19b16156bae
Patch https://git.kernel.org/stable/c/d0647c3e81eff62b66d46fd4e475318cb8cb3610
23
/ 100
low-risk
Severity 18/34 · Moderate
Exploitability 0/34 · Minimal
Exposure 5/34 · Minimal