CVE-2022-49949
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
firmware_loader: Fix memory leak in firmware upload
In the case of firmware-upload, an instance of struct fw_upload is allocated in firmware_upload_register(). This data needs to be freed in fw_dev_release(). Create a new fw_upload_free() function in sysfs_upload.c to handle the firmware-upload specific memory frees and incorporate the missing kfree call for the fw_upload structure.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 97730bbb242cde22b7140acd202ffd88823886c9 < baf92485d111be828e1ab84a995515b604b938e5 | affected |
| Linux | Linux | 97730bbb242cde22b7140acd202ffd88823886c9 < 789bba82f63c3e81dce426ba457fc7905b30ac6e | affected |
| Linux | Linux | 5.19 | affected |
| Linux | Linux | 0 < 5.19 | unaffected |
| Linux | Linux | 5.19.8 <= 5.19.* | unaffected |
| Linux | Linux | 6.0 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/baf92485d111be828e1ab84a995515b604b938e5
- https://git.kernel.org/stable/c/789bba82f63c3e81dce426ba457fc7905b30ac6e
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.