AZL-60982

See a problem?
Import Source
https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-60982.json
JSON Data
https://api.test.osv.dev/v1/vulns/AZL-60982
Upstream
Published
2025-04-16T15:16:04Z
Modified
2026-04-01T05:19:41.063224Z
Summary
CVE-2025-22097 affecting package kernel for versions less than 6.6.92.2-1
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/vkms: Fix use after free and double free on init error

If the driver initialization fails, the vkmsexit() function might access an uninitialized or freed defaultconfig pointer and it might double free it.

Fix both possible errors by initializing default_config only when the driver initialization succeeded.

References

Affected packages

Azure Linux:3 / kernel

Package

Name
kernel
Purl
pkg:rpm/azure-linux/kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.6.92.2-1

Database specific

source 
"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-60982.json"