CVE-2022-49757

MEDIUM

Linux Kernel < 4.14.305 - Memory Leak

Title source: rule

Description

In the Linux kernel, the following vulnerability has been resolved: EDAC/highbank: Fix memory leak in highbank_mc_probe() When devres_open_group() fails, it returns -ENOMEM without freeing memory allocated by edac_mc_alloc(). Call edac_mc_free() on the error handling path to avoid a memory leak. [ bp: Massage commit message. ]

References (7)

[Patch] https://git.kernel.org/stable/c/0db40e23b56d217eebd385bebb64057ef764b2c7

[Patch] https://git.kernel.org/stable/c/329fbd260352a7b9a83781d8b8bd96f95844a51f

[Patch] https://git.kernel.org/stable/c/8d23f5d25264beb223ee79cdb530b88c237719fc

[Patch] https://git.kernel.org/stable/c/b7863ef8a8f0fee96b4eb41211f4918c0e047253

[Patch] https://git.kernel.org/stable/c/caffa7fed1397d1395052272c93900176de86557

[Patch] https://git.kernel.org/stable/c/e7a293658c20a7945014570e1921bf7d25d68a36

[Patch] https://git.kernel.org/stable/c/f1b3e23ed8df87d779ee86ac37f379e79a24169a

Scores

CVSS v3 5.5

EPSS 0.0006

EPSS Percentile 19.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-401

Status published

Affected Products (10)

linux/linux_kernel < 4.14.305

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/Kernel < 4.14.305linux

linux/Kernel < 4.19.272linux

linux/Kernel < 5.4.231linux

linux/Kernel < 5.10.166linux

linux/Kernel < 5.15.91linux

linux/Kernel < 6.1.9linux

Timeline

Published Mar 27, 2025

Tracked Since Feb 18, 2026