Vulnerabilities > CVE-2022-49653 - Memory Leak vulnerability in Linux Kernel

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

linux

CWE-401

NVD

Published: 2025-02-26

Updated: 2025-03-11

Summary

In the Linux kernel, the following vulnerability has been resolved: i2c: piix4: Fix a memory leak in the EFCH MMIO support The recently added support for EFCH MMIO regions introduced a memory leak in that code path. The leak is caused by the fact that release_resource() merely removes the resource from the tree but does not free its memory. We need to call release_mem_region() instead, which does free the memory. As a nice side effect, this brings back some symmetry between the legacy and MMIO paths.

Vulnerable Configurations

Part	Description	Count
OS	Linux Linux Linux Kernel 5.19 Linux Linux Kernel 5.15.42 Linux Linux Kernel 5.15.43 Linux Linux Kernel 5.15.44 Linux Linux Kernel 5.15.45 Linux Linux Kernel 5.15.46 Linux Linux Kernel 5.15.47 Linux Linux Kernel 5.15.48 Linux Linux Kernel 5.15.49 Linux Linux Kernel 5.15.50 Linux Linux Kernel 5.15.51 Linux Linux Kernel 5.15.52 Linux Linux Kernel 5.15.53 Linux Linux Kernel 5.17.10 Linux Linux Kernel 5.17.11 Linux Linux Kernel 5.17.12 Linux Linux Kernel 5.17.13 Linux Linux Kernel 5.17.14 Linux Linux Kernel 5.17.15 Linux Linux Kernel 5.18 Linux Linux Kernel 5.18.1 Linux Linux Kernel 5.18.2 Linux Linux Kernel 5.18.3 Linux Linux Kernel 5.18.4 Linux Linux Kernel 5.18.5 Linux Linux Kernel 5.18.6 Linux Linux Kernel 5.18.7 Linux Linux Kernel 5.18.8 Linux Linux Kernel 5.18.9 Linux Linux Kernel 5.18.10	42

Common Weakness Enumeration (CWE)

CWE-401 - Improper Release of Memory Before Removing Last Reference ('Memory Leak')

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References