CVE-2022-49713

Summary

In the Linux kernel, the following vulnerability has been resolved:

usb: dwc2: Fix memory leak in dwc2_hcd_init

usb_create_hcd will alloc memory for hcd, and we should call usb_put_hcd to free it when platform_get_resource() fails to prevent memory leak. goto error2 label instead error1 to fix this.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux4b7f4a0eb92bf37bea4cd838c7f83ea42823ca8b < 981ee40649e5fd9550f82db1fbb3bfab037da346affected
LinuxLinuxa7182993dd8e09f96839ddc3ac54f9b37370d282 < 84e6d0af87e27bbc0db94f2e7323b34abe17b6e5affected
LinuxLinux8b9c1c33e51d0959f2aec573dfbac0ffd3f5c0b7 < 6506aff2dc2f7059aa3d45ee2e8639b25e87090faffected
LinuxLinux2754fa3b73df7d0ae042f3ed6cfd9df9042f6262 < a44a8a762f7fe9ad3c065813d058e835a6180cb2affected
LinuxLinux856e6e8e0f9300befa87dde09edb578555c99a82 < 701d8ec01e0f229d4db6f43d3d64ee479120cbebaffected
LinuxLinux856e6e8e0f9300befa87dde09edb578555c99a82 < 52bfcedbfd5bf962dbdcb6e761f4d0dd3ba26dfdaffected
LinuxLinux856e6e8e0f9300befa87dde09edb578555c99a82 < 3755278f078460b021cd0384562977bf2039a57aaffected
LinuxLinux337f00a0bc62d7cb7d10ec0b872c79009a1641dfaffected
LinuxLinux4.14.250 < 4.14.285affected
LinuxLinux4.19.210 < 4.19.249affected
LinuxLinux5.4.152 < 5.4.200affected
LinuxLinux5.10.72 < 5.10.124affected
LinuxLinux5.14.11 < 5.15affected
LinuxLinux5.15affected
LinuxLinux0 < 5.15unaffected
LinuxLinux4.14.285 <= 4.14.*unaffected
LinuxLinux4.19.249 <= 4.19.*unaffected
LinuxLinux5.4.200 <= 5.4.*unaffected
LinuxLinux5.10.124 <= 5.10.*unaffected
LinuxLinux5.15.49 <= 5.15.*unaffected
LinuxLinux5.18.6 <= 5.18.*unaffected
LinuxLinux5.19 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References