Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

CVE-2022-48768— tracing/histogram: Fix a potential memory leak for kstrdup()

AI Predicted 5.5 Difficulty: Hard EPSS 0.21% · P11

Affected Version Matrix 15

VendorProductVersion RangeStatus
LinuxLinux38b67e60b6b582e81f9db1b2e7176cbbfbd3e574< 8a8878ebb596281f50fc0b9a6e1f23f0d7f154e8affected
d380dcde9a07ca5de4805dee11f58a98ec0ad6ff< d71b06aa995007eafd247626d0669b9364c42ad7affected
d380dcde9a07ca5de4805dee11f58a98ec0ad6ff< e33fa4a46ee22de88a700e2e3d033da8214a5175affected
d380dcde9a07ca5de4805dee11f58a98ec0ad6ff< df86e2fe808c3536a9dba353cc2bebdfea00d0cfaffected
d380dcde9a07ca5de4805dee11f58a98ec0ad6ff< e629e7b525a179e29d53463d992bdee759c950fbaffected
c78a2baf5e1fe1b38121d6b54bab77ccb81a1a86affected
5.4.19< 5.4.176affected
5.5.6< 5.6affected
… +7 more rows
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-48768

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
tracing/histogram: Fix a potential memory leak for kstrdup()
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: tracing/histogram: Fix a potential memory leak for kstrdup() kfree() is missing on an error path to free the memory allocated by kstrdup(): p = param = kstrdup(data->params[i], GFP_KERNEL); So it is better to free it via kfree(p).
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel 存在安全漏洞,该漏洞源于 tracing/histogram 模块 kstrdup 中存在存泄漏。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux 38b67e60b6b582e81f9db1b2e7176cbbfbd3e574 ~ 8a8878ebb596281f50fc0b9a6e1f23f0d7f154e8 -
LinuxLinux 5.6 -

II. Public POCs for CVE-2022-48768

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2022-48768

登录查看更多情报信息。

Other References for CVE-2022-48768 (5)

Same Patch Batch · Linux · 2024-06-20 · 67 CVEs total

CVE-2022-48750hwmon: (nct6775) Fix crash in clear_caseopen
CVE-2022-48770bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack()
CVE-2022-48769efi: runtime: avoid EFIv2 runtime services on Apple x86 machines
CVE-2022-48767ceph: properly put ceph_string reference after async create attempt
CVE-2022-48756drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable
CVE-2022-48755powerpc64/bpf: Limit 'ldbrx' to processors compliant with ISA v2.06
CVE-2022-48754phylib: fix potential use-after-free
CVE-2022-48753block: fix memory leak in disk_register_independent_access_ranges
CVE-2022-48752powerpc/perf: Fix power_pmu_disable to call clear_pmi_irq_pending only if PMI is pending
CVE-2022-48751net/smc: Transitional solution for clcsock race issue
CVE-2022-48757net: fix information leakage in /proc/net/ptype
CVE-2022-48748net: bridge: vlan: fix memory leak in __allowed_ingress
CVE-2022-48749drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc
CVE-2022-48747block: Fix wrong offset in bio_truncate()
CVE-2022-48745net/mlx5: Use del_timer_sync in fw reset flow of halting poll
CVE-2022-48746net/mlx5e: Fix handling of wrong devices during bond netevent
CVE-2022-48744net/mlx5e: Avoid field-overflowing memcpy()
CVE-2022-48743net: amd-xgbe: Fix skb data length underflow
CVE-2022-48742rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()
CVE-2022-48741ovl: fix NULL pointer dereference in copy up warning

Showing top 20 of 67 CVEs. View all on vendor page &rarr; →

IV. Related Vulnerabilities

V. Comments for CVE-2022-48768

No comments yet


Leave a comment