Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-48768— tracing/histogram: Fix a potential memory leak for kstrdup()

EPSS 0.03% · P10
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-48768

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
tracing/histogram: Fix a potential memory leak for kstrdup()
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: tracing/histogram: Fix a potential memory leak for kstrdup() kfree() is missing on an error path to free the memory allocated by kstrdup(): p = param = kstrdup(data->params[i], GFP_KERNEL); So it is better to free it via kfree(p).
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel 存在安全漏洞,该漏洞源于 tracing/histogram 模块 kstrdup 中存在存泄漏。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux 38b67e60b6b582e81f9db1b2e7176cbbfbd3e574 ~ 8a8878ebb596281f50fc0b9a6e1f23f0d7f154e8 -
LinuxLinux 5.6 -

II. Public POCs for CVE-2022-48768

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2022-48768

登录查看更多情报信息。

Same Patch Batch · Linux · 2024-06-20 · 67 CVEs total

CVE-2022-48750hwmon: (nct6775) Fix crash in clear_caseopen
CVE-2022-48770bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack()
CVE-2022-48769efi: runtime: avoid EFIv2 runtime services on Apple x86 machines
CVE-2022-48767ceph: properly put ceph_string reference after async create attempt
CVE-2022-48756drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable
CVE-2022-48755powerpc64/bpf: Limit 'ldbrx' to processors compliant with ISA v2.06
CVE-2022-48754phylib: fix potential use-after-free
CVE-2022-48753block: fix memory leak in disk_register_independent_access_ranges
CVE-2022-48752powerpc/perf: Fix power_pmu_disable to call clear_pmi_irq_pending only if PMI is pending
CVE-2022-48751net/smc: Transitional solution for clcsock race issue
CVE-2022-48757net: fix information leakage in /proc/net/ptype
CVE-2022-48748net: bridge: vlan: fix memory leak in __allowed_ingress
CVE-2022-48749drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc
CVE-2022-48747block: Fix wrong offset in bio_truncate()
CVE-2022-48745net/mlx5: Use del_timer_sync in fw reset flow of halting poll
CVE-2022-48746net/mlx5e: Fix handling of wrong devices during bond netevent
CVE-2022-48744net/mlx5e: Avoid field-overflowing memcpy()
CVE-2022-48743net: amd-xgbe: Fix skb data length underflow
CVE-2022-48742rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()
CVE-2022-48741ovl: fix NULL pointer dereference in copy up warning

Showing top 20 of 67 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Linux
Same vendor: Linux

V. Comments for CVE-2022-48768

No comments yet

Leave a comment