CVE-2022-49855

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A memory leak issue has been identified in the Linux kernel, specifically in the ipc pcie read bios cfg function. This function uses acpi evaluate dsm to obtain the wwan power state configuration from the BIOS but fails to free the acpi object, which is returned by acpi evaluate dsm for release. The issue is resolved by freeing the acpi object after its use.

Recommendations For the affected Linux kernel versions, free the acpi object after use in the ipc pcie read bios cfg function to prevent memory leaks. As a temporary workaround, consider restricting the use of the ipc pcie read bios cfg function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.