CVE-2022-49508

HIGH EPSS 19.9%
Published Feb 26, 20251y ago · Modified Jun 17, 20262w ago
7.8 CVSS 3.1
High
Find Similar
Published Feb 26, 2025 1y ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: HID: elan: Fix potential double free in elan_input_configured 'input' is a managed resource allocated with devm_input_allocate_device(), so there is no need to call input_free_device() explicitly or there will be a double free. According to the doc of devm_input_allocate_device(): * Managed input devices do not need to be explicitly unregistered or * freed as it will be done automatically when owner device unbinds from * its driver (or binding fails).

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
19.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-415

Affected Products 6

VendorProductVersionRange
linuxlinux_kernel*≥4.17  –  <4.19.247
linuxlinux_kernel*≥4.20  –  <5.4.198
linuxlinux_kernel*≥5.5  –  <5.10.121
linuxlinux_kernel*≥5.11  –  <5.15.46
linuxlinux_kernel*≥5.16  –  <5.17.14
linuxlinux_kernel*≥5.18  –  <5.18.3

References 7

  • git.kernel.org https://git.kernel.org/stable/c/1af20714fedad238362571620be0bd690ded05b6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/24f9dfdaece9bd75bb8dbfdba83eddeefdf7dc47
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5291451851feeb66fd4bf0826710f482f3b1ab38
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6d0726725c7c560495f5ff364862a2cefea542e3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8bb1716507ebf12d50bbf181764481de3b6bc7fd
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c92ec22a991778a096342cf1a917ae36c5c86a90
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f1d4f19a796551edc6679a681ea1756b8c578c08
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/1af20714fedad238362571620be0bd690ded05b6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/24f9dfdaece9bd75bb8dbfdba83eddeefdf7dc47
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5291451851feeb66fd4bf0826710f482f3b1ab38
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6d0726725c7c560495f5ff364862a2cefea542e3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8bb1716507ebf12d50bbf181764481de3b6bc7fd
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c92ec22a991778a096342cf1a917ae36c5c86a90
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f1d4f19a796551edc6679a681ea1756b8c578c08
    Patch