SB2025091655 - Memory leak in Linux kernel mtd maps driver
Published: September 16, 2025 Updated: September 22, 2025
Security Bulletin ID
SB2025091655
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2022-50324)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pxa2xx_flash_probe() function in drivers/mtd/maps/pxa2xx-flash.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/1d0c2b762dad2b8dd166e17c0e90b88b86a3284f
- https://git.kernel.org/stable/c/2399401feee27c639addc5b7e6ba519d3ca341bf
- https://git.kernel.org/stable/c/6fa9550ef3e13d7e9b2d4db6dd57292ccd072a90
- https://git.kernel.org/stable/c/932baf593eb63dff40e40d7674f076fb7932cd5b
- https://git.kernel.org/stable/c/a1b061cafdbcb1ff259731f30e2bdc1de64dcaba
- https://git.kernel.org/stable/c/cb3f35f44887a8486737fe88d58050f1df290758
- https://git.kernel.org/stable/c/cf9c4c25caad05c6b492cbba739a467511814279
- https://git.kernel.org/stable/c/e2324a0912ad26a0ea5baaf81aed0ca880804158
- https://git.kernel.org/stable/c/f35981083cb3fc1ba6427c1543152c5e3f59d104
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.86