Lucene search

GoogleOSV:CVE-2022-48893

HistoryAug 21, 2024 - 7:15 a.m.

CVE-2022-48893

2024-08-2107:15:05

Google

osv.dev

linux kernel

vulnerability

fixed

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

Confidence

Low

JSON

In the Linux kernel, the following vulnerability has been resolved:

drm/i915/gt: Cleanup partial engine discovery failures

If we abort driver initialisation in the middle of gt/engine discovery,
some engines will be fully setup and some not. Those incompletely setup
engines only have ‘engine->release == NULL’ and so will leak any of the
common objects allocated.

v2:

Drop the destroy_pinned_context() helper for now. It’s not really
worth it with just a single callsite at the moment. (Janusz)

References

git.kernel.org/stable/c/5c855bcc730656c4b7d30aaddcd0eafc7003e112

git.kernel.org/stable/c/78a033433a5ae4fee85511ee075bc9a48312c79e

security-tracker.debian.org/tracker/CVE-2022-48893

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

Confidence

Low

JSON

Related for OSV:CVE-2022-48893