CVE-2022-48880

medium

Description

In the Linux kernel, the following vulnerability has been resolved: platform/surface: aggregator: Add missing call to ssam_request_sync_free() Although rare, ssam_request_sync_init() can fail. In that case, the request should be freed via ssam_request_sync_free(). Currently it is leaked instead. Fix this.

References

https://git.kernel.org/stable/c/d2dc110deabe7142b60ebeed689e67f92795ee24

https://git.kernel.org/stable/c/c965daac370f08a9b71d573a71d13cda76f2a884

https://git.kernel.org/stable/c/50b3cdf8239b11545f311c4f7b89e0092e4feedb

Details

Source: Mitre, NVD

Published: 2024-08-21

Updated: 2024-08-21

Risk Information

CVSS v2

Base Score: 3.2

Vector: CVSS2#AV:L/AC:L/Au:S/C:P/I:N/A:P

Severity: Low

CVSS v3

Base Score: 4.4

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

Severity: Medium