Memory Leak Affecting kernel-debug-core package, versions *
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-RHEL8-KERNELDEBUGCORE-8282705
- published 23 Oct 2024
- disclosed 21 Oct 2024
Introduced: 21 Oct 2024
CVE-2022-49011 Open this link in a new tabHow to fix?
There is no fixed version for RHEL:8 kernel-debug-core.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kernel-debug-core package and not the kernel-debug-core package as distributed by RHEL.
See How to fix? for RHEL:8 relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new()
As comment of pci_get_domain_bus_and_slot() says, it returns a pci device with refcount increment, when finish using it, the caller must decrement the reference count by calling pci_dev_put(). So call it after using to avoid refcount leak.
References
- https://access.redhat.com/security/cve/CVE-2022-49011
- https://git.kernel.org/stable/c/0dd1da5a15eeecb2fe4cf131b3216fb455af783c
- https://git.kernel.org/stable/c/2f74cffc7c85f770b1b1833dccb03b8cde3be102
- https://git.kernel.org/stable/c/6e035d5a2a6b907cfce9a80c5f442c2e459cd34e
- https://git.kernel.org/stable/c/7dec14537c5906b8bf40fd6fd6d9c3850f8df11d
- https://git.kernel.org/stable/c/bb75a0d1223d43f97089841aecb28a9b4de687a9
- https://git.kernel.org/stable/c/c40db1e5f316792b557d2be37e447c20d9ac4635
- https://git.kernel.org/stable/c/ea5844f946b1ec5c0b7c115cd7684f34fd48021b
- https://git.kernel.org/stable/c/f598da27acbeee414679cacd14294db3e273e3d2