CVE-2022-49050

In the Linux kernel, the following vulnerability has been resolved:

memory: renesas-rpc-if: fix platform-device leak in error path

Make sure to free the flash platform device in the event that
registration fails during probe.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
LinuxCNA
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 6%
VendorProductVersion
linuxlinux_kernel
5.9 ≤
𝑥
< 5.10.112
linuxlinux_kernel
5.11 ≤
𝑥
< 5.15.35
linuxlinux_kernel
5.16 ≤
𝑥
< 5.17.4
linuxlinux_kernel
5.18:rc1
linuxlinux_kernel
5.18:rc2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.234-1
fixed
bookworm
6.1.123-1
fixed
bookworm (security)
6.1.128-1
fixed
trixie
6.12.12-1
fixed
sid
6.12.16-1
fixed
Common Weakness Enumeration
References
https://git.kernel.org/stable/c/05d1824a7fb43ab9adb1eb82404954af81d8c984
https://git.kernel.org/stable/c/66b9b707ea4dcafca92b6261c6924652914e3b73
https://git.kernel.org/stable/c/b452dbf24d7d9a990d70118462925f6ee287d135
https://git.kernel.org/stable/c/c089ffc846c85f200db34ad208338f4f81a6d82d