Lucene search

GoogleOSV:CVE-2022-48881

HistoryAug 21, 2024 - 7:15 a.m.

CVE-2022-48881

2024-08-2107:15:04

Google

osv.dev

linux kernel

refcount

vulnerability

amd_pmc_probe

CVSS3

7.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

AI Score

Confidence

Low

JSON

In the Linux kernel, the following vulnerability has been resolved:

platform/x86/amd: Fix refcount leak in amd_pmc_probe

pci_get_domain_bus_and_slot() takes reference, the caller should release
the reference by calling pci_dev_put() after use. Call pci_dev_put() in
the error path to fix this.

References

git.kernel.org/stable/c/3944162821295993ec89992dec98ab6be6306cc0

git.kernel.org/stable/c/ccb32e2be14271a60e9ba89c6d5660cc9998773c

security-tracker.debian.org/tracker/CVE-2022-48881

CVSS3

7.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

AI Score

Confidence

Low

JSON

Related for OSV:CVE-2022-48881