CVE-2022-48776 (GCVE-0-2022-48776)
Vulnerability from cvelistv5
Published
2024-07-16 11:13
Modified
2025-05-04 12:43
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: qcom: Fix missing free for pparts in cleanup Mtdpart doesn't free pparts when a cleanup function is declared. Add missing free for pparts in cleanup function for smem to fix the leak.
Impacted products
Vendor Product Version
Linux Linux Version: 10f3b4d79958d6f9f71588c6fa862159c83fa80f
Version: 10f3b4d79958d6f9f71588c6fa862159c83fa80f
Version: 10f3b4d79958d6f9f71588c6fa862159c83fa80f
Version: af86e36c583300e10a52e3b3348c88a69fc0c552
Version: 765beb5ef9da4fecb50210decd55dd24187a0698
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T15:25:01.886Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3eb5185896a68373714dc7d0009111744adc3345"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1b37889f9a151d26a3fb0d3870f6e1046dee2e24"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3dd8ba961b9356c4113b96541c752c73d98fef70"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-48776",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T17:00:33.435132Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:34:17.583Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/mtd/parsers/qcomsmempart.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "3eb5185896a68373714dc7d0009111744adc3345",
              "status": "affected",
              "version": "10f3b4d79958d6f9f71588c6fa862159c83fa80f",
              "versionType": "git"
            },
            {
              "lessThan": "1b37889f9a151d26a3fb0d3870f6e1046dee2e24",
              "status": "affected",
              "version": "10f3b4d79958d6f9f71588c6fa862159c83fa80f",
              "versionType": "git"
            },
            {
              "lessThan": "3dd8ba961b9356c4113b96541c752c73d98fef70",
              "status": "affected",
              "version": "10f3b4d79958d6f9f71588c6fa862159c83fa80f",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "af86e36c583300e10a52e3b3348c88a69fc0c552",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "765beb5ef9da4fecb50210decd55dd24187a0698",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/mtd/parsers/qcomsmempart.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.14"
            },
            {
              "lessThan": "5.14",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.25",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.16.*",
              "status": "unaffected",
              "version": "5.16.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.17",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.25",
                  "versionStartIncluding": "5.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.16.11",
                  "versionStartIncluding": "5.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.17",
                  "versionStartIncluding": "5.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "5.12.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "5.13.2",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: parsers: qcom: Fix missing free for pparts in cleanup\n\nMtdpart doesn\u0027t free pparts when a cleanup function is declared.\nAdd missing free for pparts in cleanup function for smem to fix the\nleak."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T12:43:41.958Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/3eb5185896a68373714dc7d0009111744adc3345"
        },
        {
          "url": "https://git.kernel.org/stable/c/1b37889f9a151d26a3fb0d3870f6e1046dee2e24"
        },
        {
          "url": "https://git.kernel.org/stable/c/3dd8ba961b9356c4113b96541c752c73d98fef70"
        }
      ],
      "title": "mtd: parsers: qcom: Fix missing free for pparts in cleanup",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-48776",
    "datePublished": "2024-07-16T11:13:15.197Z",
    "dateReserved": "2024-06-20T11:09:39.062Z",
    "dateUpdated": "2025-05-04T12:43:41.958Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-48776\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-07-16T12:15:02.867\",\"lastModified\":\"2024-11-21T07:34:00.040\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nmtd: parsers: qcom: Fix missing free for pparts in cleanup\\n\\nMtdpart doesn\u0027t free pparts when a cleanup function is declared.\\nAdd missing free for pparts in cleanup function for smem to fix the\\nleak.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mtd: parsers: qcom: Corrige la falta de espacio libre para pparts en la limpieza Mtdpart no libera pparts cuando se declara una funci\u00f3n de limpieza. Agregue piezas libres faltantes en la funci\u00f3n de limpieza para que smem arregle la fuga.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/1b37889f9a151d26a3fb0d3870f6e1046dee2e24\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/3dd8ba961b9356c4113b96541c752c73d98fef70\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/3eb5185896a68373714dc7d0009111744adc3345\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/1b37889f9a151d26a3fb0d3870f6e1046dee2e24\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/3dd8ba961b9356c4113b96541c752c73d98fef70\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/3eb5185896a68373714dc7d0009111744adc3345\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/3eb5185896a68373714dc7d0009111744adc3345\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/1b37889f9a151d26a3fb0d3870f6e1046dee2e24\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/3dd8ba961b9356c4113b96541c752c73d98fef70\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T15:25:01.886Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-48776\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-10T17:00:33.435132Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-11T12:42:21.829Z\"}}], \"cna\": {\"title\": \"mtd: parsers: qcom: Fix missing free for pparts in cleanup\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"10f3b4d79958d6f9f71588c6fa862159c83fa80f\", \"lessThan\": \"3eb5185896a68373714dc7d0009111744adc3345\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"10f3b4d79958d6f9f71588c6fa862159c83fa80f\", \"lessThan\": \"1b37889f9a151d26a3fb0d3870f6e1046dee2e24\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"10f3b4d79958d6f9f71588c6fa862159c83fa80f\", \"lessThan\": \"3dd8ba961b9356c4113b96541c752c73d98fef70\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"af86e36c583300e10a52e3b3348c88a69fc0c552\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"765beb5ef9da4fecb50210decd55dd24187a0698\", \"versionType\": \"git\"}], \"programFiles\": [\"drivers/mtd/parsers/qcomsmempart.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.14\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"5.14\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"5.15.25\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.15.*\"}, {\"status\": \"unaffected\", \"version\": \"5.16.11\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.16.*\"}, {\"status\": \"unaffected\", \"version\": \"5.17\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"drivers/mtd/parsers/qcomsmempart.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/3eb5185896a68373714dc7d0009111744adc3345\"}, {\"url\": \"https://git.kernel.org/stable/c/1b37889f9a151d26a3fb0d3870f6e1046dee2e24\"}, {\"url\": \"https://git.kernel.org/stable/c/3dd8ba961b9356c4113b96541c752c73d98fef70\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nmtd: parsers: qcom: Fix missing free for pparts in cleanup\\n\\nMtdpart doesn\u0027t free pparts when a cleanup function is declared.\\nAdd missing free for pparts in cleanup function for smem to fix the\\nleak.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.15.25\", \"versionStartIncluding\": \"5.14\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.16.11\", \"versionStartIncluding\": \"5.14\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.17\", \"versionStartIncluding\": \"5.14\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionStartIncluding\": \"5.12.17\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionStartIncluding\": \"5.13.2\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-05-04T12:43:41.958Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-48776\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-04T12:43:41.958Z\", \"dateReserved\": \"2024-06-20T11:09:39.062Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-07-16T11:13:15.197Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.


Loading…

Loading…