CVE-2022-48753

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-48753
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48753.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-48753
Downstream
Related
Published
2024-06-20T11:13:33Z
Modified
2025-10-08T05:47:16.332735Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CVSS Calculator
Summary
block: fix memory leak in disk_register_independent_access_ranges
Details

In the Linux kernel, the following vulnerability has been resolved:

block: fix memory leak in diskregisterindependentaccessranges

kobjectinitandadd() takes reference even when it fails. According to the doc of kobjectinitandadd()

If this function returns an error, kobject_put() must be called to properly clean up the memory associated with the object.

Fix this issue by adding kobjectput(). Callback function blkiarangessysfsrelease() in kobjectput() can handle the pointer "iars" properly.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
a2247f19ee1c5ad75ef095cdfb909a3244b88aa8
Fixed
fe4214a07e0b53d2af711f57519e33739c5df23f
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
a2247f19ee1c5ad75ef095cdfb909a3244b88aa8
Fixed
83114df32ae779df57e0af99a8ba6c3968b2ba3d

Affected versions

v5.*

v5.15
v5.15-rc7
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.16.1
v5.16.2
v5.16.3
v5.16.4
v5.17-rc1

Database specific 

{
    "vanir_signatures": [
        {
            "signature_version": "v1",
            "digest": {
                "length": 954.0,
                "function_hash": "181758607965758697903719544274964467831"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fe4214a07e0b53d2af711f57519e33739c5df23f",
            "deprecated": false,
            "target": {
                "file": "block/blk-ia-ranges.c",
                "function": "disk_register_independent_access_ranges"
            },
            "signature_type": "Function",
            "id": "CVE-2022-48753-052a3bc2"
        },
        {
            "signature_version": "v1",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "223500357834893261896815969806463569826",
                    "211162682401172555741986288547618741379",
                    "309609375633902768206859582465401232157",
                    "213766133375841888620214832256229091430"
                ]
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fe4214a07e0b53d2af711f57519e33739c5df23f",
            "deprecated": false,
            "target": {
                "file": "block/blk-ia-ranges.c"
            },
            "signature_type": "Line",
            "id": "CVE-2022-48753-7dd377b5"
        },
        {
            "signature_version": "v1",
            "digest": {
                "length": 954.0,
                "function_hash": "181758607965758697903719544274964467831"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@83114df32ae779df57e0af99a8ba6c3968b2ba3d",
            "deprecated": false,
            "target": {
                "file": "block/blk-ia-ranges.c",
                "function": "disk_register_independent_access_ranges"
            },
            "signature_type": "Function",
            "id": "CVE-2022-48753-82670c66"
        },
        {
            "signature_version": "v1",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "223500357834893261896815969806463569826",
                    "211162682401172555741986288547618741379",
                    "309609375633902768206859582465401232157",
                    "213766133375841888620214832256229091430"
                ]
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@83114df32ae779df57e0af99a8ba6c3968b2ba3d",
            "deprecated": false,
            "target": {
                "file": "block/blk-ia-ranges.c"
            },
            "signature_type": "Line",
            "id": "CVE-2022-48753-8e65e95f"
        }
    ]
}

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
5.16.5