CVE-2022-49906
MEDIUM EPSS 5.3%
Published May 1, 20251y ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Published May 1, 2025 1y ago
Last Modified Jun 17, 2026 2w ago
Description
In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Free rwi on reset success Free the rwi structure in the event that the last rwi in the list processed successfully. The logic in commit 4f408e1fa6e1 ("ibmvnic: retry reset if there are no other resets") introduces an issue that results in a 32 byte memory leak whenever the last rwi in the list gets processed.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
5.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-401
Affected Products 5
References 3
- git.kernel.org https://git.kernel.org/stable/c/535b78739ae75f257c894a05b1afa86ad9a3669e
- git.kernel.org https://git.kernel.org/stable/c/c3543a287cfba9105dcc4bb41eb817f51266caaf
- git.kernel.org https://git.kernel.org/stable/c/d6dd2fe71153f0ff748bf188bd4af076fe09a0a6
Remediation
- git.kernel.org https://git.kernel.org/stable/c/535b78739ae75f257c894a05b1afa86ad9a3669e
- git.kernel.org https://git.kernel.org/stable/c/c3543a287cfba9105dcc4bb41eb817f51266caaf
- git.kernel.org https://git.kernel.org/stable/c/d6dd2fe71153f0ff748bf188bd4af076fe09a0a6