We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2022-49949

firmware_loader: Fix memory leak in firmware upload



Description

In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Fix memory leak in firmware upload In the case of firmware-upload, an instance of struct fw_upload is allocated in firmware_upload_register(). This data needs to be freed in fw_dev_release(). Create a new fw_upload_free() function in sysfs_upload.c to handle the firmware-upload specific memory frees and incorporate the missing kfree call for the fw_upload structure.

Reserved 2025-06-18 | Published 2025-06-18 | Updated 2025-06-18 | Assigner Linux

Product status

Default status
unaffected

97730bbb242cde22b7140acd202ffd88823886c9 before baf92485d111be828e1ab84a995515b604b938e5
affected

97730bbb242cde22b7140acd202ffd88823886c9 before 789bba82f63c3e81dce426ba457fc7905b30ac6e
affected

Default status
affected

5.19
affected

Any version before 5.19
unaffected

5.19.8
unaffected

6.0
unaffected

References

git.kernel.org/...c/baf92485d111be828e1ab84a995515b604b938e5

git.kernel.org/...c/789bba82f63c3e81dce426ba457fc7905b30ac6e

cve.org (CVE-2022-49949)

nvd.nist.gov (CVE-2022-49949)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2022-49949

Support options

Helpdesk Chat, Email, Knowledgebase
© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.