Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2022-48740HistoryJun 20, 2024 - 12:15 p.m.
CVE-2022-48740
2024-06-2012:15:12
Debian Security Bug Tracker
security-tracker.debian.org
cve-2022-48740
selinux
error paths
unix
In the Linux kernel, the following vulnerability has been resolved: selinux: fix double free of cond_list on error paths On error path from cond_read_list() and duplicate_policydb_cond_list() the cond_list_destroy() gets called a second time in caller functions, resulting in NULL pointer deref. Fix this by resetting the cond_list_len to 0 in cond_list_destroy(), making subsequent calls a noop. Also consistently reset the cond_list pointer to NULL after freeing. [PM: fix line lengths in the description]
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | linux | < 5.16.10-1 | linux_5.16.10-1_all.deb |
| Debian | 11 | all | linux | < 5.10.103-1 | linux_5.10.103-1_all.deb |
| Debian | 10 | all | linux | <= 4.19.249-2 | linux_4.19.249-2_all.deb |
| Debian | 999 | all | linux | < 5.16.10-1 | linux_5.16.10-1_all.deb |
| Debian | 13 | all | linux | < 5.16.10-1 | linux_5.16.10-1_all.deb |
Related
nvd
nvd
CVE-2022-48740
2024-06-20 12:15:12
ubuntucve
ubuntucve
CVE-2022-48740
2024-06-20 00:00:00
cve
cve
CVE-2022-48740
2024-06-20 12:15:12
redhatcve
redhatcve
CVE-2022-48740
2024-06-20 13:55:17
cvelist
cvelist
CVE-2022-48740 selinux: fix double free of cond_list on error paths
2024-06-20 11:13:25
6.6 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
15.7%
Related for DEBIANCVE:CVE-2022-48740