Incomplete Cleanup

CVE-2022-48893

Medium

5.5/10

Summary

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Cleanup partial engine discovery failures If we abort driver initialisation in the middle of gt/engine discovery, some engines will be fully setup and some not. Those incompletely setup engines only have 'engine->release == NULL' and so will leak any of the common objects allocated. v2: - Drop the destroy_pinned_context() helper for now. It's not really worth it with just a single callsite at the moment. (Janusz)

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: NONE
Availability Impact: HIGH

CWE-459 - Incomplete Cleanup

The software does not properly "clean up" and remove temporary or supporting resources after they have been used.

References

Advisory Timeline

Published Aug 21, 2024

Incomplete Cleanup

CVE-2022-48893

Summary

CWE-459 - Incomplete Cleanup

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS