Vulnerability Details CVE-2022-49047
In the Linux kernel, the following vulnerability has been resolved:
ep93xx: clock: Fix UAF in ep93xx_clk_register_gate()
arch/arm/mach-ep93xx/clock.c:154:2: warning: Use of memory after it is freed [clang-analyzer-unix.Malloc]
arch/arm/mach-ep93xx/clock.c:151:2: note: Taking true branch
if (IS_ERR(clk))
^
arch/arm/mach-ep93xx/clock.c:152:3: note: Memory is released
kfree(psc);
^~~~~~~~~~
arch/arm/mach-ep93xx/clock.c:154:2: note: Use of memory after it is freed
return &psc->hw;
^ ~~~~~~~~
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 6.7%
CVSS Severity
CVSS v3 Score 7.8
References
Products affected by CVE-2022-49047
-
cpe:2.3:o:linux:linux_kernel:5.16
-
cpe:2.3:o:linux:linux_kernel:5.16.0
-
cpe:2.3:o:linux:linux_kernel:5.16.1
-
cpe:2.3:o:linux:linux_kernel:5.16.10
-
cpe:2.3:o:linux:linux_kernel:5.16.11
-
cpe:2.3:o:linux:linux_kernel:5.16.12
-
cpe:2.3:o:linux:linux_kernel:5.16.13
-
cpe:2.3:o:linux:linux_kernel:5.16.14
-
cpe:2.3:o:linux:linux_kernel:5.16.15
-
cpe:2.3:o:linux:linux_kernel:5.16.16
-
cpe:2.3:o:linux:linux_kernel:5.16.17
-
cpe:2.3:o:linux:linux_kernel:5.16.18
-
cpe:2.3:o:linux:linux_kernel:5.16.19
-
cpe:2.3:o:linux:linux_kernel:5.16.2
-
cpe:2.3:o:linux:linux_kernel:5.16.20
-
cpe:2.3:o:linux:linux_kernel:5.16.3
-
cpe:2.3:o:linux:linux_kernel:5.16.4
-
cpe:2.3:o:linux:linux_kernel:5.16.5
-
cpe:2.3:o:linux:linux_kernel:5.16.6
-
cpe:2.3:o:linux:linux_kernel:5.16.62
-
cpe:2.3:o:linux:linux_kernel:5.16.7
-
cpe:2.3:o:linux:linux_kernel:5.16.8
-
cpe:2.3:o:linux:linux_kernel:5.16.9
-
cpe:2.3:o:linux:linux_kernel:5.17
-
cpe:2.3:o:linux:linux_kernel:5.17.1
-
cpe:2.3:o:linux:linux_kernel:5.17.2
-
cpe:2.3:o:linux:linux_kernel:5.17.3
-
cpe:2.3:o:linux:linux_kernel:5.18