PT-2025-8091 · Linux+3 · Linux Kernel+3

Ming Qian

Publicado

2022-01-01

Atualizado

2025-09-23

CVE-2022-49163

CVSS v3.1

7.1

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A bug in the Linux kernel's imx-jpeg driver can cause an out-of-bounds array access when parsing jpeg data. If an error occurs before acquiring a slot, the driver may use an incorrect slot number, leading to unauthorized changes in the num domains variable. This can prevent the driver from detaching the pm domain during module removal, resulting in a kernel panic when attempting to reload the module.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Resource Release

Out of bounds Read

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-404CWE-125

Identificadores relacionados

BDU:2026-03932

CVE-2022-49163

SUSE-SU-2025:1027-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1241-1

SUSE-SU-2025_1027-1

SUSE-SU-2025_1241-1

Produtos afetados

Astra Linux

Debian

Linux Kernel

Suse

PT-2025-8091 · Linux+3 · Linux Kernel+3

CVE-2022-49163

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 1334