{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2022-48924","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-08-21T06:06:23.296Z","datePublished":"2024-08-22T01:33:05.770Z","dateUpdated":"2025-05-04T08:26:12.248Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T08:26:12.248Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: int340x: fix memory leak in int3400_notify()\n\nIt is easy to hit the below memory leaks in my TigerLake platform:\n\nunreferenced object 0xffff927c8b91dbc0 (size 32):\n  comm \"kworker/0:2\", pid 112, jiffies 4294893323 (age 83.604s)\n  hex dump (first 32 bytes):\n    4e 41 4d 45 3d 49 4e 54 33 34 30 30 20 54 68 65  NAME=INT3400 The\n    72 6d 61 6c 00 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b a5  rmal.kkkkkkkkkk.\n  backtrace:\n    [<ffffffff9c502c3e>] __kmalloc_track_caller+0x2fe/0x4a0\n    [<ffffffff9c7b7c15>] kvasprintf+0x65/0xd0\n    [<ffffffff9c7b7d6e>] kasprintf+0x4e/0x70\n    [<ffffffffc04cb662>] int3400_notify+0x82/0x120 [int3400_thermal]\n    [<ffffffff9c8b7358>] acpi_ev_notify_dispatch+0x54/0x71\n    [<ffffffff9c88f1a7>] acpi_os_execute_deferred+0x17/0x30\n    [<ffffffff9c2c2c0a>] process_one_work+0x21a/0x3f0\n    [<ffffffff9c2c2e2a>] worker_thread+0x4a/0x3b0\n    [<ffffffff9c2cb4dd>] kthread+0xfd/0x130\n    [<ffffffff9c201c1f>] ret_from_fork+0x1f/0x30\n\nFix it by calling kfree() accordingly."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/thermal/intel/int340x_thermal/int3400_thermal.c"],"versions":[{"version":"38e44da591303d08b0d965a033e11ade284999d0","lessThan":"f0ddc5184b0127038d05008e2a69f89d1e13f980","status":"affected","versionType":"git"},{"version":"38e44da591303d08b0d965a033e11ade284999d0","lessThan":"c3fa6d1937a8d0828131a04ae2cd2c30d0668693","status":"affected","versionType":"git"},{"version":"38e44da591303d08b0d965a033e11ade284999d0","lessThan":"2e798814e01827871938ff172d2b2ccf1e74b355","status":"affected","versionType":"git"},{"version":"38e44da591303d08b0d965a033e11ade284999d0","lessThan":"e098933866f9e1dd3ef4eebbe2e3d504f970f599","status":"affected","versionType":"git"},{"version":"38e44da591303d08b0d965a033e11ade284999d0","lessThan":"ba9efbbf6745750d34c1e87c9539ce9db645ca0a","status":"affected","versionType":"git"},{"version":"38e44da591303d08b0d965a033e11ade284999d0","lessThan":"33c73a4d7e7b19313a6b417152f5365016926418","status":"affected","versionType":"git"},{"version":"38e44da591303d08b0d965a033e11ade284999d0","lessThan":"3abea10e6a8f0e7804ed4c124bea2d15aca977c8","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/thermal/intel/int340x_thermal/int3400_thermal.c"],"versions":[{"version":"4.14","status":"affected"},{"version":"0","lessThan":"4.14","status":"unaffected","versionType":"semver"},{"version":"4.14.274","lessThanOrEqual":"4.14.*","status":"unaffected","versionType":"semver"},{"version":"4.19.237","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.188","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.103","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.26","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"5.16.12","lessThanOrEqual":"5.16.*","status":"unaffected","versionType":"semver"},{"version":"5.17","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"4.14.274"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"4.19.237"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"5.4.188"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"5.10.103"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"5.15.26"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"5.16.12"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"5.17"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/f0ddc5184b0127038d05008e2a69f89d1e13f980"},{"url":"https://git.kernel.org/stable/c/c3fa6d1937a8d0828131a04ae2cd2c30d0668693"},{"url":"https://git.kernel.org/stable/c/2e798814e01827871938ff172d2b2ccf1e74b355"},{"url":"https://git.kernel.org/stable/c/e098933866f9e1dd3ef4eebbe2e3d504f970f599"},{"url":"https://git.kernel.org/stable/c/ba9efbbf6745750d34c1e87c9539ce9db645ca0a"},{"url":"https://git.kernel.org/stable/c/33c73a4d7e7b19313a6b417152f5365016926418"},{"url":"https://git.kernel.org/stable/c/3abea10e6a8f0e7804ed4c124bea2d15aca977c8"}],"title":"thermal: int340x: fix memory leak in int3400_notify()","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2022-48924","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-09-10T15:33:18.769606Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-09-12T17:33:00.629Z"}}]}}