#VU104230 Memory leak in Linux kernel - CVE-2022-49243
Published: February 26, 2025 / Updated: May 11, 2025
Vulnerability identifier: #VU104230
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-49243
CWE-ID: CWE-401
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the at91sam9g20ek_audio_probe() function in sound/soc/atmel/sam9g20_wm8731.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
External links
- https://git.kernel.org/stable/c/0325193cf40dc3a6e27d55a5b98680936deebcd0
- https://git.kernel.org/stable/c/32e6ceb05f36432811753852c674a301f944a24b
- https://git.kernel.org/stable/c/4793a02deb31b71b3984abc67bf1011a03c13b18
- https://git.kernel.org/stable/c/662ee5ac6b451aa5a27b8eebd397f2f5c7f42cec
- https://git.kernel.org/stable/c/81f266396237cea09a8c6322a6a78535f06ed345
- https://git.kernel.org/stable/c/a0bc36b247dcf4d21bf820bfc4bcbaf7f6cf19b5
- https://git.kernel.org/stable/c/b0c56a0071116a37c24df998166c22a7e4684626
- https://git.kernel.org/stable/c/f590797fa3c1bccdd19e55441592a23b46aef449
- https://git.kernel.org/stable/c/f8b7b9a0594715ecfbe6f18db2328d992242654a
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.276