CVE-2022-48928

Summary

CVE-2022-48928 is a vulnerability in the Linux kernel related to a resource leak in the driver for the men_z188_adc device, specifically occurring when the iio_device_register() function fails. This flaw affects multiple products, including various models identified by codes such as "ohMfkz" and "SKy7r1." To remediate this issue, it is necessary to update the error handling path by adding a missing iounmap() call, which has been addressed in recent patches. The potential danger posed by this vulnerability includes significant availability impact due to unbalanced memory mapping, which could lead to system instability or crashes. The NVD rates this vulnerability with a medium severity score of 5.5 and indicates that it requires low privileges for exploitation, emphasizing its local attack vector.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.