#VU104401 Memory leak in Linux kernel - CVE-2022-49224
Published: February 26, 2025 / Updated: May 11, 2025
Vulnerability identifier: #VU104401
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-49224
CWE-ID: CWE-401
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ab8500_fg_sysfs_init() function in drivers/power/supply/ab8500_fg.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
External links
- https://git.kernel.org/stable/c/19aa3c98ed7b2616e105946cec804f897837ab84
- https://git.kernel.org/stable/c/261041097ab3470f1120b7733cbf472712304d1e
- https://git.kernel.org/stable/c/31cdf7897dba1f096b74f69d840f0575b8cdb9ae
- https://git.kernel.org/stable/c/41ed61364285ff38bbbe9ca8a45c8372ba72921d
- https://git.kernel.org/stable/c/6a4760463dbc6b603690938c468839985189ce0a
- https://git.kernel.org/stable/c/879356a6a05559582b0a7895d86d2d4359745c08
- https://git.kernel.org/stable/c/c32f6b6196b6efc1c68990dfeaac36fb8eb3b8e1
- https://git.kernel.org/stable/c/db3a61ef8e6aef3b888baa6a85926c2230c2cc56
- https://git.kernel.org/stable/c/ffb8e92b4cef92bd25563cf3d8b4489eb22bc61f
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.33