PT-2025-18494 · Linux+2 · Linux Kernel+2

Published

2022-11-18

Updated

2025-07-10

CVE-2022-49777

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been resolved, related to the i8042 module. The issue involved a leak of the platform device on module removal. To fix this, the code now avoids resetting the module-wide i8042 platform device pointer in i8042 probe() or i8042 remove(), allowing the device to be properly destroyed by i8042 exit() on module unload.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476CWE-401

Related Identifiers

BDU:2026-03970

CVE-2022-49777

SUSE-SU-2025:01918-1

SUSE-SU-2025:01966-1

SUSE-SU-2025:01982-1

SUSE-SU-2025:01995-1

SUSE-SU-2025:02173-1

SUSE-SU-2025:02262-1

SUSE-SU-2025:2173-1

SUSE-SU-2025_01982-1

SUSE-SU-2025_02173-1

SUSE-SU-2025_02262-1

Affected Products

Astra Linux

Linux Kernel

Suse

PT-2025-18494 · Linux+2 · Linux Kernel+2

CVE-2022-49777

Weakness Enumeration

Related Identifiers

Affected Products

References · 553