Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: mxser: fix xmit_buf leak in activate when LSR == 0xff When LSR is 0xff in ->activate() (rather unlike), we return an error. Provided ->shutdown() is not called when ->activate() fails, nothing actually frees the buffer in this case. Fix this by properly freeing the buffer in a designated label. We jump there also from the "!info->type" if now too.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 2.6.33, < 4.9.311 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/125b7c929fc9b1e5eaa344bceb6367dfa6fd3f9dPatch
- https://git.kernel.org/stable/c/2cd05c38a27bee7fb42aa4d43174d68ac55dac0fPatch
- https://git.kernel.org/stable/c/376922045009f8ea2d20a8fa3475e95b47c41690Patch
- https://git.kernel.org/stable/c/685b6d16bf89595310b5d61394c9b97cc9505c7cPatch
- https://git.kernel.org/stable/c/6c9041b2f90c0eace73106f22350e1d2c98f5edcPatch
- https://git.kernel.org/stable/c/6dffc2035fbaada60ca8db59e0962e34f760370aPatch
- https://git.kernel.org/stable/c/996291d06851a26678a0fab488b6e1f0677c0576Patch
- https://git.kernel.org/stable/c/b125b08dbee3611f03f53b71471813ed4ccafcddPatch
- https://git.kernel.org/stable/c/cd3a4907ee334b40d7aa880c7ab310b154fd5cd4Patch
FAQ
What is CVE-2022-49191?
CVE-2022-49191 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: mxser: fix xmit_buf leak in activate when LSR == 0xff When LSR is 0xff in ->activate() (rather unlike), we return an error. Provid...
How severe is CVE-2022-49191?
CVE-2022-49191 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-49191?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.