CVE-2022-49855

In the Linux kernel, the following vulnerability has been resolved:

net: wwan: iosm: fix memory leak in ipc_pcie_read_bios_cfg

ipc_pcie_read_bios_cfg() is using the acpi_evaluate_dsm() to obtain the wwan power state configuration from BIOS but is not freeing the acpi_object. The acpi_evaluate_dsm() returned acpi_object to be freed.

Free the acpi_object after use.

Published: May 1, 2025
Updated: May 8, 2025
CVE: CVE-2022-49855
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWEs:

CWE-401

Affected Software
References

Software	From	Fixed in
linux / linux_kernel	6.1-rc2	6.1-rc2.x
linux / linux_kernel	6.1-rc1	6.1-rc1.x
linux / linux_kernel	6.1-rc3	6.1-rc3.x
linux / linux_kernel	6.1-rc4	6.1-rc4.x
linux / linux_kernel	5.16	6.0.9
linux / linux_kernel	5.14	5.15.79

https://git.kernel.org/stable/c/13b1ea861e8aeb701bcfbfe436b943efa2d44029
https://git.kernel.org/stable/c/7560ceef4d2832a67e8781d924e129c7f542376f
https://git.kernel.org/stable/c/d38a648d2d6cc7bee11c6f533ff9426a00c2a74c

Vulnerability Database

289,599

CVE-2022-49855