CVE-2022-49665

EPSS 0.04%
Veröffentlicht 26.02.2025 07:01:41
Zuletzt bearbeitet 23.10.2025 16:04:27
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

platform/x86: thinkpad_acpi: Fix a memory leak of EFCH MMIO resource

In the Linux kernel, the following vulnerability has been resolved:

platform/x86: thinkpad_acpi: Fix a memory leak of EFCH MMIO resource

Unlike release_mem_region(), a call to release_resource() does not
free the resource, so it has to be freed explicitly to avoid a memory
leak.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

NVD 7 VulnDex Vulnerability Enrichment 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 5.18.1 < 5.18.10

Linux ≫ Linux Kernel Version5.18 Update-

Linux ≫ Linux Kernel Version5.18 Updaterc7

Linux ≫ Linux Kernel Version5.19 Updaterc1

Linux ≫ Linux Kernel Version5.19 Updaterc2

Linux ≫ Linux Kernel Version5.19 Updaterc3

Linux ≫ Linux Kernel Version5.19 Updaterc4

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.112

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/3884bf75fa044c73e843d95dd71a424e80ebb095

Patch

https://git.kernel.org/stable/c/d2f33f0c3ad7b0d5262d9b986f1353265fad7a08

Patch

https://nvd.nist.gov/vuln/detail/CVE-2022-49665

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-49665

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-49665

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2022-49665