Lucene search

K
ubuntucveUbuntu.comUB:CVE-2022-48659
HistoryApr 28, 2024 - 12:00 a.m.

CVE-2022-48659

2024-04-2800:00:00
ubuntu.com
ubuntu.com
9
linux kernel
vulnerability
kmalloc()
error
bug
fix

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.3

Confidence

High

EPSS

0

Percentile

5.1%

In the Linux kernel, the following vulnerability has been resolved:
mm/slub: fix to return errno if kmalloc() fails In create_unique_id(),
kmalloc(, GFP_KERNEL) can fail due to out-of-memory, if it fails, return
errno correctly rather than triggering panic via BUG_ON(); kernel BUG at
mm/slub.c:5893! Internal error: Oops - BUG: 0 [#1] PREEMPT SMP Call trace:
sysfs_slab_add+0x258/0x260 mm/slub.c:5973 __kmem_cache_create+0x60/0x118
mm/slub.c:4899 create_cache mm/slab_common.c:229 [inline]
kmem_cache_create_usercopy+0x19c/0x31c mm/slab_common.c:335
kmem_cache_create+0x1c/0x28 mm/slab_common.c:390 f2fs_kmem_cache_create
fs/f2fs/f2fs.h:2766 [inline] f2fs_init_xattr_caches+0x78/0xb4
fs/f2fs/xattr.c:808 f2fs_fill_super+0x1050/0x1e0c fs/f2fs/super.c:4149
mount_bdev+0x1b8/0x210 fs/super.c:1400 f2fs_mount+0x44/0x58
fs/f2fs/super.c:4512 legacy_get_tree+0x30/0x74 fs/fs_context.c:610
vfs_get_tree+0x40/0x140 fs/super.c:1530 do_new_mount+0x1dc/0x4e4
fs/namespace.c:3040 path_mount+0x358/0x914 fs/namespace.c:3370 do_mount
fs/namespace.c:3383 [inline] __do_sys_mount fs/namespace.c:3591 [inline]
__se_sys_mount fs/namespace.c:3568 [inline] __arm64_sys_mount+0x2f8/0x408
fs/namespace.c:3568

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.3

Confidence

High

EPSS

0

Percentile

5.1%