CVE-2022-49915

mISDN: fix possible memory leak in mISDN_register_device()

Description

In the Linux kernel, the following vulnerability has been resolved: mISDN: fix possible memory leak in mISDN_register_device() Afer commit 1fa5ae857bb1 ("driver core: get rid of struct device's bus_id string array"), the name of device is allocated dynamically, add put_device() to give up the reference, so that the name can be freed in kobject_cleanup() when the refcount is 0. Set device class before put_device() to avoid null release() function WARN message in device_release().

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.01%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/d1d1aede313eb2b9a84afd60ff6cfb7c33631e0e patch
https://git.kernel.org/stable/c/080aabfb29b2ee9cbb8894a1d039651943d3773e patch
https://git.kernel.org/stable/c/a636fc5a7cabd05699b5692ad838c2c7a3abec7b patch
https://git.kernel.org/stable/c/2ff6b669523d3b3d253a044fa9636a67d0694995 patch
https://git.kernel.org/stable/c/e77d213843e67b4373285712699b692f9c743f61 patch
https://git.kernel.org/stable/c/029d5b7688a2f3a86f2a3be5a6ba9cc968c80e41 patch
https://git.kernel.org/stable/c/0d4e91efcaee081e919b3c50e875ecbb84290e41 patch
https://git.kernel.org/stable/c/e7d1d4d9ac0dfa40be4c2c8abd0731659869b297 patch

Frequently Asked Questions

What is the severity of CVE-2022-49915?
CVE-2022-49915 has been scored as a medium severity vulnerability.
How to fix CVE-2022-49915?
To fix CVE-2022-49915, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2022-49915 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2022-49915 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2022-49915?
CVE-2022-49915 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.