SB2025100456 - Memory leak in Linux kernel gpu drm driver
Published: October 4, 2025 Updated: October 27, 2025
Security Bulletin ID
SB2025100456
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2022-50489)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mipi_dsi_remove_device_fn() function in drivers/gpu/drm/drm_mipi_dsi.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/262364574b05676d4b9ebde2ddd3588cd2efd8ce
- https://git.kernel.org/stable/c/26c1b4cfe56f040f71a51c92da1f4cac2e3b9455
- https://git.kernel.org/stable/c/353ab1c13fdd6e524edde780235a8ce9b892c81c
- https://git.kernel.org/stable/c/45120fa5e522d444e3fc1c5a9afc5d53eed91d00
- https://git.kernel.org/stable/c/668a8f17b5290d04ef7343636a5588a0692731a1
- https://git.kernel.org/stable/c/6fc2cd40db1969ba372ce9536dcfcdb87271eac4
- https://git.kernel.org/stable/c/8242167cfc83dd7e4c96f44b45f108db9bb88146
- https://git.kernel.org/stable/c/95ae458209f5a556bba98aff872f933694914eb7
- https://git.kernel.org/stable/c/c202cda08cd5693645d4990ad1eb2e8068a884ec
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.331