CVE-2022-49729

MEDIUM EPSS 15.4%
Published Feb 26, 20251y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Feb 26, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred Similar to the handling of play_deferred in commit 19cfe912c37b ("Bluetooth: btusb: Fix memory leak in play_deferred"), we thought a patch might be needed here as well. Currently usb_submit_urb is called directly to submit deferred tx urbs after unanchor them. So the usb_giveback_urb_bh would failed to unref it in usb_unanchor_urb and cause memory leak. Put those urbs in tx_anchor to avoid the leak, and also fix the error handling.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
15.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-401

Affected Products 8

VendorProductVersionRange
linuxlinux_kernel* <4.9.320
linuxlinux_kernel*≥4.10  –  <4.14.285
linuxlinux_kernel*≥4.15  –  <4.19.249
linuxlinux_kernel*≥4.20  –  <5.4.200
linuxlinux_kernel*≥5.5  –  <5.10.124
linuxlinux_kernel*≥5.11  –  <5.15.49
linuxlinux_kernel*≥5.16  –  <5.18.6
linuxlinux_kernel5.19any

References 8

  • git.kernel.org https://git.kernel.org/stable/c/0eeec1a8b0cd38c47edeb042980a6aeacecf35ed
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1eb0afecfb9cd0f38424b82bd9aaa542310934ee
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3e7c7df6991ac349f2fa8540047757df666e610f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3eadc560c1919b8193d17334145dad9a917960e4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6616872cfe7f0474a22dd1f12699f95bcf81a54d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6b4d8b44e7163a77fe942f5b80e1651c1b78c537
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8a4d480702b71184fabcf379b80bf7539716752e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f21f908347712b8288ffe83b531b5e977042b29c
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/0eeec1a8b0cd38c47edeb042980a6aeacecf35ed
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1eb0afecfb9cd0f38424b82bd9aaa542310934ee
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3e7c7df6991ac349f2fa8540047757df666e610f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3eadc560c1919b8193d17334145dad9a917960e4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6616872cfe7f0474a22dd1f12699f95bcf81a54d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6b4d8b44e7163a77fe942f5b80e1651c1b78c537
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8a4d480702b71184fabcf379b80bf7539716752e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f21f908347712b8288ffe83b531b5e977042b29c
    Patch