Fix Memory Leak in debugfs_lookup() Function
CVE-2022-48698

5.3MEDIUM

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 3 May 2024

What is CVE-2022-48698?

A memory leak vulnerability exists in the Linux kernel specifically within the AMD display driver. This flaw arises in the use of the debugfs_lookup() function, which fails to properly release memory allocated during its execution. If dput() is not called when the result of debugfs_lookup() is no longer needed, it leads to progressive memory consumption, potentially degrading system performance and stability over time. Proper implementation of memory management practices is essential to mitigate this issue.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 86bc221918925a0bbb49043e3936e898e009b43b < 58acd2ebae034db3bacf38708f508fbd12ae2e54

Linux 86bc221918925a0bbb49043e3936e898e009b43b < 3a6279d243cb035eaaff1450980b40cf19748f05

Linux 86bc221918925a0bbb49043e3936e898e009b43b

References

https://git.kernel.org/stable/c/58acd2ebae034db3bacf38708...

https://git.kernel.org/stable/c/3a6279d243cb035eaaff14509...

https://git.kernel.org/stable/c/cbfac7fa491651c57926c99ed...

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 3, 2024
Vulnerability Reserved
May 3, 2024

JSON

Linux