CVE-2022-49530

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://git.kernel.org/stable/c/2615464854505188f909d0c07c37a6623693b5c7", "name": "https://git.kernel.org/stable/c/2615464854505188f909d0c07c37a6623693b5c7", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/43eb9b667b95f2a31c63e8949b0d2161b9be59c3", "name": "https://git.kernel.org/stable/c/43eb9b667b95f2a31c63e8949b0d2161b9be59c3", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/6c5bdaa1325be7f04b79ea992ab216739192d342", "name": "https://git.kernel.org/stable/c/6c5bdaa1325be7f04b79ea992ab216739192d342", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/a5ce7051db044290b1a95045ff03c249005a3aa4", "name": "https://git.kernel.org/stable/c/a5ce7051db044290b1a95045ff03c249005a3aa4", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/af832028af6f44c6c45645757079c4ed6884ade5", "name": "https://git.kernel.org/stable/c/af832028af6f44c6c45645757079c4ed6884ade5", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/c0e811c4ccf3b42705976285e3a94cc82dea7300", "name": "https://git.kernel.org/stable/c/c0e811c4ccf3b42705976285e3a94cc82dea7300", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/ca1ce206894dd976275c78ee38dbc19873f22de9", "name": "https://git.kernel.org/stable/c/ca1ce206894dd976275c78ee38dbc19873f22de9", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/f3fa2becf2fc25b6ac7cf8d8b1a2e4a86b3b72bd", "name": "https://git.kernel.org/stable/c/f3fa2becf2fc25b6ac7cf8d8b1a2e4a86b3b72bd", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/fd2eff8b9dcbe469c3b7bbbc7083ab5ed94de07b", "name": "https://git.kernel.org/stable/c/fd2eff8b9dcbe469c3b7bbbc7083ab5ed94de07b", "tags": ["Patch"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: fix double free in si_parse_power_table()\n\nIn function si_parse_power_table(), array adev->pm.dpm.ps and its member\nis allocated. If the allocation of each member fails, the array itself\nis freed and returned with an error code. However, the array is later\nfreed again in si_dpm_fini() function which is called when the function\nreturns an error.\n\nThis leads to potential double free of the array adev->pm.dpm.ps, as\nwell as leak of its array members, since the members are not freed in\nthe allocation function and the array is not nulled when freed.\nIn addition adev->pm.dpm.num_ps, which keeps track of the allocated\narray member, is not updated until the member allocation is\nsuccessfully finished, this could also lead to either use after free,\nor uninitialized variable access in si_dpm_fini().\n\nFix this by postponing the free of the array until si_dpm_fini() and\nincrement adev->pm.dpm.num_ps everytime the array member is allocated."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-415"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-49530", "ASSIGNER": "cve@kernel.org"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}}, "publishedDate": "2025-02-26T07:01Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.4.198", "versionStartIncluding": "4.20"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.10.121", "versionStartIncluding": "5.5"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.15.46", "versionStartIncluding": "5.11"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.17.14", "versionStartIncluding": "5.16"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.18.3", "versionStartIncluding": "5.18"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "4.14.283", "versionStartIncluding": "4.10"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "4.9.318"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "4.19.247", "versionStartIncluding": "4.15"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-03-10T21:15Z"}