CVE-2022-49855

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: wwan: iosm: fix memory leak in ipc_pcie_read_bios_cfg

ipc_pcie_read_bios_cfg() is using the acpi_evaluate_dsm() to obtain the wwan power state configuration from BIOS but is not freeing the acpi_object. The acpi_evaluate_dsm() returned acpi_object to be freed.

Free the acpi_object after use.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux7e98d785ae6184c7580a33619dae8b651769ff08 < 13b1ea861e8aeb701bcfbfe436b943efa2d44029affected
LinuxLinux7e98d785ae6184c7580a33619dae8b651769ff08 < 7560ceef4d2832a67e8781d924e129c7f542376faffected
LinuxLinux7e98d785ae6184c7580a33619dae8b651769ff08 < d38a648d2d6cc7bee11c6f533ff9426a00c2a74caffected
LinuxLinux5.14affected
LinuxLinux0 < 5.14unaffected
LinuxLinux5.15.79 <= 5.15.*unaffected
LinuxLinux6.0.9 <= 6.0.*unaffected
LinuxLinux6.1 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References