CVE-2022-48880

platform/surface: aggregator: Add missing call to ssam_request_sync_free()

Description

In the Linux kernel, the following vulnerability has been resolved: platform/surface: aggregator: Add missing call to ssam_request_sync_free() Although rare, ssam_request_sync_init() can fail. In that case, the request should be freed via ssam_request_sync_free(). Currently it is leaked instead. Fix this.

N/A
CVSS
Severity:
EPSS 0.06%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/d2dc110deabe7142b60ebeed689e67f92795ee24
https://git.kernel.org/stable/c/50b3cdf8239b11545f311c4f7b89e0092e4feedb
https://git.kernel.org/stable/c/c965daac370f08a9b71d573a71d13cda76f2a884

Frequently Asked Questions

What is the severity of CVE-2022-48880?
CVE-2022-48880 has not yet been assigned a CVSS score.
How to fix CVE-2022-48880?
To fix CVE-2022-48880, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2022-48880 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2022-48880 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2022-48880?
CVE-2022-48880 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.