CVE-2022-48768

tracing/histogram: Fix a potential memory leak for kstrdup()

Description

In the Linux kernel, the following vulnerability has been resolved: tracing/histogram: Fix a potential memory leak for kstrdup() kfree() is missing on an error path to free the memory allocated by kstrdup(): p = param = kstrdup(data->params[i], GFP_KERNEL); So it is better to free it via kfree(p).

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.05%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/8a8878ebb596281f50fc0b9a6e1f23f0d7f154e8 patch
https://git.kernel.org/stable/c/d71b06aa995007eafd247626d0669b9364c42ad7 patch
https://git.kernel.org/stable/c/e33fa4a46ee22de88a700e2e3d033da8214a5175 patch
https://git.kernel.org/stable/c/df86e2fe808c3536a9dba353cc2bebdfea00d0cf patch
https://git.kernel.org/stable/c/e629e7b525a179e29d53463d992bdee759c950fb patch

Frequently Asked Questions

What is the severity of CVE-2022-48768?
CVE-2022-48768 has been scored as a medium severity vulnerability.
How to fix CVE-2022-48768?
To fix CVE-2022-48768, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2022-48768 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2022-48768 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2022-48768?
CVE-2022-48768 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.