vulnerability

Debian: CVE-2022-49746: linux -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:S/C:N/I:N/A:C)	Mar 27, 2025	Mar 31, 2025	Mar 30, 2026

Severity

CVSS

(AV:L/AC:L/Au:S/C:N/I:N/A:C)

Published

Mar 27, 2025

Added

Mar 31, 2025

Modified

Mar 30, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: imx-sdma: Fix a possible memory leak in sdma_transfer_init

If the function sdma_load_context() fails, the sdma_desc will be
freed, but the allocated desc->bd is forgot to be freed.

We already met the sdma_load_context() failure case and the log as
below:
[ 450.699064] imx-sdma 30bd0000.dma-controller: Timeout waiting for CH0 ready
...

In this case, the desc->bd will not be freed without this change.

Solution

debian-upgrade-linux

References

CVE-2022-49746
https://attackerkb.com/topics/CVE-2022-49746
CWE-401
EUVD-EUVD-2022-55177
https://euvd.enisa.europa.eu/vulnerability/EUVD-2022-55177

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report