CVE-2022-49757: EDAC/highbank: Fix memory leak in highbank_mc_probe()
First published: Thu Mar 27 2025(Updated: )
In the Linux kernel, the following vulnerability has been resolved: EDAC/highbank: Fix memory leak in highbank_mc_probe() When devres_open_group() fails, it returns -ENOMEM without freeing memory allocated by edac_mc_alloc(). Call edac_mc_free() on the error handling path to avoid a memory leak. [ bp: Massage commit message. ]
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Kernel | ||
| Linux Kernel | >=3.6<4.14.305 | |
| Linux Kernel | >=4.15<4.19.272 | |
| Linux Kernel | >=4.20<5.4.231 | |
| Linux Kernel | >=5.5<5.10.166 | |
| Linux Kernel | >=5.11<5.15.91 | |
| Linux Kernel | >=5.16<6.1.9 | |
| Linux Kernel | =6.2-rc1 | |
| Linux Kernel | =6.2-rc2 | |
| Linux Kernel | =6.2-rc3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://git.kernel.org/stable/c/f1b3e23ed8df87d779ee86ac37f379e79a24169a
- https://git.kernel.org/stable/c/0db40e23b56d217eebd385bebb64057ef764b2c7
- https://git.kernel.org/stable/c/8d23f5d25264beb223ee79cdb530b88c237719fc
- https://git.kernel.org/stable/c/329fbd260352a7b9a83781d8b8bd96f95844a51f
- https://git.kernel.org/stable/c/caffa7fed1397d1395052272c93900176de86557
- https://git.kernel.org/stable/c/b7863ef8a8f0fee96b4eb41211f4918c0e047253
- https://git.kernel.org/stable/c/e7a293658c20a7945014570e1921bf7d25d68a36
Frequently Asked Questions
What is the severity of CVE-2022-49757?
CVE-2022-49757 has been classified as a moderate severity vulnerability.
How do I fix CVE-2022-49757?
To fix CVE-2022-49757, update to the latest version of the Linux kernel where the memory leak in highbank_mc_probe() has been addressed.
What is the main issue caused by CVE-2022-49757?
CVE-2022-49757 results in a memory leak when devres_open_group() fails without freeing allocated memory.
Which versions of Linux kernel are affected by CVE-2022-49757?
All affected versions of the Linux kernel are those prior to the patch that resolves CVE-2022-49757.
Is CVE-2022-49757 easy to exploit?
CVE-2022-49757 requires specific conditions that may make it less likely to be exploited in practice.
- collector/mitre-cve
- source/MITRE
- agent/description
- agent/first-publish-date
- agent/references
- agent/type
- agent/title
- agent/author
- agent/source
- agent/guess-ai
- agent/software-canonical-lookup
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/weakness
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/event
- vendor/linux
- canonical/linux kernel
- version/linux kernel/3.6
- version/linux kernel/4.15
- version/linux kernel/4.20
- version/linux kernel/5.5
- version/linux kernel/5.11
- version/linux kernel/5.16
- version/linux kernel/6.2-rc1
- version/linux kernel/6.2-rc2
- version/linux kernel/6.2-rc3