CVE-2022-48782
mctp: fix use after free
In the Linux kernel, the following vulnerability has been resolved:
mctp: fix use after free
Clang static analysis reports this problem
route.c:425:4: warning: Use of memory after it is freed
trace_mctp_key_acquire(key);
^~~~~~~~~~~~~~~~~~~~~~~~~~~
When mctp_key_add() fails, key is freed but then is later
used in trace_mctp_key_acquire(). Add an else statement
to use the key only when mctp_key_add() is successful.
Produtos afetados
Linux · LinuxQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →