AZL-56247

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-56247.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-56247

Upstream

CVE-2022-48706

Published

2024-05-21T16:15:12Z

Modified

2026-04-01T05:18:50.427346Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

CVE-2022-48706 affecting package kernel 5.15.200.1-1

Details

In the Linux kernel, the following vulnerability has been resolved:

vdpa: ifcvf: Do proper cleanup if IFCVF init fails

ifcvfmgmtdev leaks memory if it is not freed before returning. Call is made to correct return statement so memory does not leak. ifcvfinithw does not take care of this so it is needed to do it here.

References

https://nvd.nist.gov/vuln/detail/CVE-2022-48706

Affected packages

Azure Linux:2 / kernel

Package

Name: kernel
Purl: pkg:rpm/azure-linux/kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

5.15.200.1-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-56247.json"