CVE-2022-49191

MEDIUM EPSS 16.5%
Published Feb 26, 20251y ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Feb 26, 2025 1y ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: mxser: fix xmit_buf leak in activate when LSR == 0xff When LSR is 0xff in ->activate() (rather unlike), we return an error. Provided ->shutdown() is not called when ->activate() fails, nothing actually frees the buffer in this case. Fix this by properly freeing the buffer in a designated label. We jump there also from the "!info->type" if now too.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
16.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-401

Affected Products 8

VendorProductVersionRange
linuxlinux_kernel*≥2.6.33  –  <4.9.311
linuxlinux_kernel*≥4.10  –  <4.14.276
linuxlinux_kernel*≥4.15  –  <4.19.238
linuxlinux_kernel*≥4.20  –  <5.4.189
linuxlinux_kernel*≥5.5  –  <5.10.110
linuxlinux_kernel*≥5.11  –  <5.15.33
linuxlinux_kernel*≥5.16  –  <5.16.19
linuxlinux_kernel*≥5.17  –  <5.17.2

References 9

  • git.kernel.org https://git.kernel.org/stable/c/125b7c929fc9b1e5eaa344bceb6367dfa6fd3f9d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2cd05c38a27bee7fb42aa4d43174d68ac55dac0f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/376922045009f8ea2d20a8fa3475e95b47c41690
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/685b6d16bf89595310b5d61394c9b97cc9505c7c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6c9041b2f90c0eace73106f22350e1d2c98f5edc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6dffc2035fbaada60ca8db59e0962e34f760370a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/996291d06851a26678a0fab488b6e1f0677c0576
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b125b08dbee3611f03f53b71471813ed4ccafcdd
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cd3a4907ee334b40d7aa880c7ab310b154fd5cd4
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/125b7c929fc9b1e5eaa344bceb6367dfa6fd3f9d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2cd05c38a27bee7fb42aa4d43174d68ac55dac0f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/376922045009f8ea2d20a8fa3475e95b47c41690
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/685b6d16bf89595310b5d61394c9b97cc9505c7c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6c9041b2f90c0eace73106f22350e1d2c98f5edc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6dffc2035fbaada60ca8db59e0962e34f760370a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/996291d06851a26678a0fab488b6e1f0677c0576
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b125b08dbee3611f03f53b71471813ed4ccafcdd
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cd3a4907ee334b40d7aa880c7ab310b154fd5cd4
    Patch