In the Linux kernel, the following vulnerability has been resolved:
mctp: fix use after free
Clang static analysis reports this problem
route.c:425:4: warning: Use of memory after it is freed
trace_mctp_key_acquire(key);
^~~~~~~~~~~~~~~~~~~~~~~~~~~
When mctp_key_add() fails, key is freed but then is later
used in trace_mctp_key_acquire(). Add an else statement
to use the key only when mctp_key_add() is successful.
Metrics
Affected Vendors & Products
References
History
Wed, 11 Sep 2024 13:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 21 Aug 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Linux
Linux linux Kernel |
|
CPEs | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |
Vendors & Products |
Linux
Linux linux Kernel |
|
Metrics |
cvssV3_1
|
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-07-16T11:13:19.141Z
Updated: 2024-09-11T17:34:16.927Z
Reserved: 2024-06-20T11:09:39.068Z
Link: CVE-2022-48782
Vulnrichment
Updated: 2024-09-11T12:42:21.767Z
NVD
Status : Analyzed
Published: 2024-07-16T12:15:03.290
Modified: 2024-08-21T18:02:33.843
Link: CVE-2022-48782
Redhat