CVE-2022-49665

MEDIUM

Linux Kernel 5.18.1-5.18.9 - Use-After-Free in thinkpad_acpi EFCH MMIO Resource Handling

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: platform/x86: thinkpad_acpi: Fix a memory leak of EFCH MMIO resource Unlike release_mem_region(), a call to release_resource() does not free the resource, so it has to be freed explicitly to avoid a memory leak.

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/3884bf75fa044c73e843d95dd71a424e80ebb095

Patch

https://git.kernel.org/stable/c/d2f33f0c3ad7b0d5262d9b986f1353265fad7a08

Scores

CVSS v3 5.5

EPSS 0.0020

EPSS Percentile 10.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-401

Status published

Products (10)

linux/Kernel 5.18.0 - 5.18.10linux

Linux/Linux < 5.18

Linux/Linux 455cd867b85b53fd3602345f9b8a8facc551adc9 - 3884bf75fa044c73e843d95dd71a424e80ebb095

Linux/Linux 455cd867b85b53fd3602345f9b8a8facc551adc9 - d2f33f0c3ad7b0d5262d9b986f1353265fad7a08

Linux/Linux 5.18

Linux/Linux 5.18.10 - 5.18.*

Linux/Linux 5.19

linux/linux_kernel 5.18 (2 CPE variants)

linux/linux_kernel 5.19 rc1 (4 CPE variants)

linux/linux_kernel 5.18.1 - 5.18.10

Published Feb 26, 2025

Tracked Since Feb 18, 2026