CVE-2022-48778

mtd: rawnand: gpmi: don't leak PM reference in error path

Description

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: gpmi: don't leak PM reference in error path If gpmi_nfc_apply_timings() fails, the PM runtime usage counter must be dropped.

7.8

CVSS

Severity: High

CVSS 3.1 •

EPSS 0.04%

Affected: Linux Linux

References

Link	Tags
https://git.kernel.org/stable/c/4cd3281a910a5adf73b2a0a82241dd67844d0b25	patch mailing list
https://git.kernel.org/stable/c/a4eeeaca50199e3f19eb13ac3b7e0bbb93e22de4	patch mailing list
https://git.kernel.org/stable/c/4a7ec50298b1127c5024a750c969ea0794899545	patch mailing list
https://git.kernel.org/stable/c/58d3111eafce9e4398654b07f0b1dac27f26ee5b	patch mailing list
https://git.kernel.org/stable/c/9161f365c91614e5a3f5c6dcc44c3b1b33bc59c0	patch mailing list

Frequently Asked Questions

What is the severity of CVE-2022-48778?: CVE-2022-48778 has been scored as a high severity vulnerability.
How to fix CVE-2022-48778?: To fix CVE-2022-48778, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2022-48778 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2022-48778 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2022-48778?: CVE-2022-48778 affects Linux Linux, Linux Linux.

This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.