vulnerability
Ubuntu: (CVE-2022-49191): linux vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:N/C:C/I:N/A:C) | Feb 26, 2025 | Mar 3, 2025 | Jun 12, 2025 |
Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:N/A:C)
Published
Feb 26, 2025
Added
Mar 3, 2025
Modified
Jun 12, 2025
Description
In the Linux kernel, the following vulnerability has been resolved:
mxser: fix xmit_buf leak in activate when LSR == 0xff
When LSR is 0xff in ->activate() (rather unlike), we return an error.
Provided ->shutdown() is not called when ->activate() fails, nothing
actually frees the buffer in this case.
Fix this by properly freeing the buffer in a designated label. We jump
there also from the "!info->type" if now too.
Solution(s)
ubuntu-upgrade-linuxubuntu-upgrade-linux-awsubuntu-upgrade-linux-aws-5-4ubuntu-upgrade-linux-aws-fipsubuntu-upgrade-linux-aws-hweubuntu-upgrade-linux-azureubuntu-upgrade-linux-azure-4-15ubuntu-upgrade-linux-azure-5-15ubuntu-upgrade-linux-azure-5-4ubuntu-upgrade-linux-azure-fipsubuntu-upgrade-linux-bluefieldubuntu-upgrade-linux-fipsubuntu-upgrade-linux-gcpubuntu-upgrade-linux-gcp-4-15ubuntu-upgrade-linux-gcp-5-4ubuntu-upgrade-linux-gcp-fipsubuntu-upgrade-linux-gkeubuntu-upgrade-linux-hweubuntu-upgrade-linux-hwe-5-15ubuntu-upgrade-linux-hwe-5-4ubuntu-upgrade-linux-ibmubuntu-upgrade-linux-ibm-5-4ubuntu-upgrade-linux-intel-iotgubuntu-upgrade-linux-intel-iotg-5-15ubuntu-upgrade-linux-iotubuntu-upgrade-linux-kvmubuntu-upgrade-linux-lowlatencyubuntu-upgrade-linux-lowlatency-hwe-5-15ubuntu-upgrade-linux-oracleubuntu-upgrade-linux-oracle-5-4ubuntu-upgrade-linux-raspiubuntu-upgrade-linux-raspi-5-4ubuntu-upgrade-linux-realtime
References
- CVE-2022-49191
- https://attackerkb.com/topics/CVE-2022-49191
- URL-https://git.kernel.org/linus/cd3a4907ee334b40d7aa880c7ab310b154fd5cd4
- URL-https://git.kernel.org/stable/c/125b7c929fc9b1e5eaa344bceb6367dfa6fd3f9d
- URL-https://git.kernel.org/stable/c/2cd05c38a27bee7fb42aa4d43174d68ac55dac0f
- URL-https://git.kernel.org/stable/c/376922045009f8ea2d20a8fa3475e95b47c41690
- URL-https://git.kernel.org/stable/c/685b6d16bf89595310b5d61394c9b97cc9505c7c
- URL-https://git.kernel.org/stable/c/6c9041b2f90c0eace73106f22350e1d2c98f5edc
- URL-https://git.kernel.org/stable/c/6dffc2035fbaada60ca8db59e0962e34f760370a
- URL-https://git.kernel.org/stable/c/996291d06851a26678a0fab488b6e1f0677c0576
- URL-https://git.kernel.org/stable/c/b125b08dbee3611f03f53b71471813ed4ccafcdd
- URL-https://git.kernel.org/stable/c/cd3a4907ee334b40d7aa880c7ab310b154fd5cd4
- URL-https://www.cve.org/CVERecord?id=CVE-2022-49191
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.