CVE-2022-49881

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix memory leak in query_regdb_file() In the function query_regdb_file() the alpha2 parameter is duplicated using kmemdup() and subsequently freed in regdb_fw_cb(). However, request_firmware_nowait() can fail without calling regdb_fw_cb() and thus leak memory.

Reserved 2025-05-01 | Published 2025-05-01 | Updated 2025-05-04 | Assigner Linux

Product status

Default status
unaffected

007f6c5e6eb45c81ee89368a5f226572ae638831 before 219446396786330937bcd382a7bc4ccd767383bc
affected

007f6c5e6eb45c81ee89368a5f226572ae638831 before 0ede1a988299e95d54bd89551fd635980572e920
affected

007f6c5e6eb45c81ee89368a5f226572ae638831 before e1e12180321f416d83444f2cdc9259e0f5093d35
affected

007f6c5e6eb45c81ee89368a5f226572ae638831 before 38c9fa2cc6bf4b6e1a74057aef8b5cffd23d3264
affected

007f6c5e6eb45c81ee89368a5f226572ae638831 before e9b5a4566d5bc71cc901be50d1fa24da00613120
affected

007f6c5e6eb45c81ee89368a5f226572ae638831 before 57b962e627ec0ae53d4d16d7bd1033e27e67677a
affected

Default status
affected

4.15
affected

Any version before 4.15
unaffected

4.19.267
unaffected

5.4.225
unaffected

5.10.155
unaffected

5.15.79
unaffected

6.0.9
unaffected

6.1
unaffected

References

git.kernel.org/...c/219446396786330937bcd382a7bc4ccd767383bc

git.kernel.org/...c/0ede1a988299e95d54bd89551fd635980572e920

git.kernel.org/...c/e1e12180321f416d83444f2cdc9259e0f5093d35

git.kernel.org/...c/38c9fa2cc6bf4b6e1a74057aef8b5cffd23d3264

git.kernel.org/...c/e9b5a4566d5bc71cc901be50d1fa24da00613120

git.kernel.org/...c/57b962e627ec0ae53d4d16d7bd1033e27e67677a

cve.org (CVE-2022-49881)

nvd.nist.gov (CVE-2022-49881)

Download JSON